[Unbound-users] Question about qtype=any
Luo Ce
luoce at cnnic.cn
Mon Jul 11 00:59:04 UTC 2011
Not only www.google.com, I tried www.sohu.com and www.yahoo.com, the results
unbound gave me all include the A records.
So the problem may not be the authoritative server, it looks like unbound
continue to process the cname response and get the final A records.
; <<>> DiG 9.7.3-P1 <<>> @localhost www.sohu.com any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55095
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION:
;www.sohu.com. IN ANY
;; ANSWER SECTION:
www.sohu.com. 600 IN CNAME d7.a.sohu.com.
d7.a.sohu.com. 300 IN CNAME frontend-tc7.a.sohu.com.
frontend-tc7.a.sohu.com. 300 IN A 61.135.181.169
frontend-tc7.a.sohu.com. 300 IN A 61.135.181.171
frontend-tc7.a.sohu.com. 300 IN A 61.135.181.167
;; AUTHORITY SECTION:
a.sohu.com. 3600 IN NS y.a.sohu.com.
a.sohu.com. 3600 IN NS x.a.sohu.com.
a.sohu.com. 3600 IN NS z.a.sohu.com.
;; ADDITIONAL SECTION:
x.a.sohu.com. 7200 IN A 121.14.0.42
y.a.sohu.com. 7200 IN A 220.181.26.169
z.a.sohu.com. 7200 IN A 61.135.179.168
; <<>> DiG 9.7.3-P1 <<>> @localhost www.yahoo.com any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24745
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.yahoo.com. IN ANY
;; ANSWER SECTION:
www.yahoo.com. 300 IN CNAME fp.wg1.b.yahoo.com.
fp.wg1.b.yahoo.com. 60 IN CNAME any-fp.wa1.b.yahoo.com.
any-fp.wa1.b.yahoo.com. 60 IN A 98.137.149.56
any-fp.wa1.b.yahoo.com. 60 IN A 72.30.2.43
From: Blacka, David [mailto:davidb at verisign.com]
Sent: Friday, July 08, 2011 8:25 PM
To: Luo Ce
Cc: <unbound-users at unbound.net>
Subject: Re: [Unbound-users] Question about qtype=any
On Jul 7, 2011, at 9:30 PM, Luo Ce wrote:
Hi all,
When I use unbound and send a query with qtype = any
dig @localhost www.google.com any
unbound returns me the following results:
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11161
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.google.com. IN ANY
;; ANSWER SECTION:
www.google.com. 604800 IN CNAME www.l.google.com.
www.l.google.com. 300 IN A 74.125.71.147
www.l.google.com. 300 IN A 74.125.71.99
www.l.google.com. 300 IN A 74.125.71.106
www.l.google.com. 300 IN A 74.125.71.105
www.l.google.com. 300 IN A 74.125.71.103
www.l.google.com. 300 IN A 74.125.71.104
I just want to know whether the A records are needed for the qtype any, cos
when I send the same query to bind, it only returns me the cname answer.
I believe what is happening here is that unbound is returning what the
authoritative server returns for 'www.google.com/ANY', while BIND is
reconstructing the answer (that is, looking at its cache and returning all
RRsets that match the qname).
So, maybe a better question is: why does google's authoritative nameservers
return the A records with qtype=ANY?
--
David Blacka <davidb at verisign.com>
Principal Engineer Verisign Infrastructure Engineering
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20110711/f562e872/attachment.htm>
More information about the Unbound-users
mailing list