[nsd-users] Additional section and minimal responses
Olafur Gudmundsson
ogud at ogud.com
Wed May 11 19:16:50 UTC 2016
> On May 11, 2016, at 9:12 AM, John Bond <nsd at johnbond.org> wrote:
>
>
>
> On 10/05/2016 19:16, Anand Buddhdev wrote:
>> On 10/05/16 19:48, John Bond wrote:
>>>
>>> I have set up an example.com zone on one of my server's to demonstrate
>>> this. The following query produces no glue records in the additional
>>> section.
>>>
>>> dig ns example.com. @5.28.62.36 +bufsize=1440 +norec
>>
>> Right, so here, NSD isn't providing any glue. However... the recursor
>> already has at least one address that it knows answers for example.com
>> (because the response had AA), and this address is 5.28.62.36. So the
>> recursor should be able to follow up with A and AAAA queries to
>> 5.28.62.36 for all those NS records it got in the answer.
> Ahh yes thanks
>>
>> However, if the response from 5.28.62.36 had not been an authoritative
>> answer, but rather a delegation, then missing glue would make resolution
>> fail. NSD should recognise this, and set the TC bit in the response to
>> encourage the client to come back over TCP.
> So i created a delegation and i still receive no glue see the following
>
> dig ns sub.example.com. @5.28.62.36 +bufsize=1444 +norec
> dig ns sub.example.com. @2001:41c9:1:41c::36 +bufsize=1444 +norec
>
> This server will also allow axfr for the example.com and the nsd config
> is available as here
> https://gist.github.com/b4ldr/ec7e27c96099da0c86c815340c286697
>
> Thanks John
John,
The NS is 40 records that requires a 1444 byte answer so when I increased the buffer size to 3K
I got two A records indicating that the server is limiting answers it gives out over UDP
With tcp I got
;; Query time: 89 msec
;; SERVER: 5.28.62.36#53(5.28.62.36)
;; WHEN: Wed May 11 15:13:04 EDT 2016
;; MSG SIZE rcvd: 3204
check your settings for
ipv4-edns-size: <number>
Preferred EDNS buffer size for IPv4.
ipv6-edns-size: <number>
Preferred EDNS buffer size for IPv6.
Olafur
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20160511/b2823408/attachment.htm>
More information about the nsd-users
mailing list