Hi list
Using BIND-9.18.5 as a recursive server:
What's the reason, that BIND answers with the additional section for the
the following query where for example Knot resolver and also PowerDNS
resolver doesn't add the additional section for the same query?
# Querying BIND
$ dig @test ns bastelwurstel.ch
; <<>> DiG 9.18.5 <<>> @test ns bastelwurstel.ch
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44509
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 5591e3c9e8f24edb0100000062fbb2eb6e52dd8888d8fb37 (good)
;; QUESTION SECTION:
;bastelwurstel.ch. IN NS
;; ANSWER SECTION:
bastelwurstel.ch. 288 IN NS ns2.netnoise.ch.
bastelwurstel.ch. 288 IN NS ns1.netnoise.ch.
;; ADDITIONAL SECTION:
ns1.netnoise.ch. 3565 IN A 46.22.21.106
ns2.netnoise.ch. 3565 IN A 46.22.21.107
;; Query time: 0 msec
;; SERVER: 10.100.102.21#53(test) (UDP)
;; WHEN: Tue Aug 16 17:08:27 CEST 2022
;; MSG SIZE rcvd: 152
# Querying Knot
$ dig @localhost -p 8888 ns bastelwurstel.ch
; <<>> DiG 9.18.5 <<>> @localhost -p 8888 ns bastelwurstel.ch
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1240
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;bastelwurstel.ch. IN NS
;; ANSWER SECTION:
bastelwurstel.ch. 600 IN NS ns2.netnoise.ch.
bastelwurstel.ch. 600 IN NS ns1.netnoise.ch.
;; Query time: 44 msec
;; SERVER: 127.0.0.1#8888(localhost) (UDP)
;; WHEN: Tue Aug 16 17:23:27 CEST 2022
;; MSG SIZE rcvd: 90
BIND (resolver) is configured with "minimal-responses yes;", but I
assume this is an authoritative-only-option...., right?
When flushing the cache for the servers mentioned in the additional
section (rndc flushname ns1.netnoise.ch; rndc flushname
ns2.netnoise.ch), then the response looks similar to Knot's/PDNS's response:
# Querying BIND after flushing the cache
$ dig @test ns bastelwurstel.ch
; <<>> DiG 9.18.5 <<>> @test ns bastelwurstel.ch
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39403
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 6d897a3fd76dd8150100000062fbb44d5082963f3c5dedd4 (good)
;; QUESTION SECTION:
;bastelwurstel.ch. IN NS
;; ANSWER SECTION:
bastelwurstel.ch. 596 IN NS ns2.netnoise.ch.
bastelwurstel.ch. 596 IN NS ns1.netnoise.ch.
;; Query time: 4 msec
;; SERVER: 10.100.102.21#53(test) (UDP)
;; WHEN: Tue Aug 16 17:14:21 CEST 2022
;; MSG SIZE rcvd: 120
Any hints why BIND adds the additional section while other resolvers
doesn't? Is there an option in BIND to behave like Knot/PDNS?
Many thanks.
Regards,
Tom
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
