[RFCI-Discuss] Interesting Question
Derek J. Balling
dredd at megacity.org
Sun Dec 4 17:14:54 EST 2005
On Dec 4, 2005, at 2:09 PM, Pierre THIERRY wrote:
> If you ask for the SOA, which is maybe a better one to ask to the
> upper
> step in the DNS hierarchy, they give you the authority section in
> their
> answer...
>
> pierre at bateleur:~$ dig @a.gtld-servers.net yahoo.com soa
>
> ; <<>> DiG 9.3.1 <<>> @a.gtld-servers.net yahoo.com soa
> ; (2 servers found)
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4514
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 5, ADDITIONAL: 5
They only return that because they don't have the records themselves
for the SOA. Same as how Theo pointed out that they would direct me
there if I asked for an "A" record (although, come to think of it, if
I was braindead enough to define "example.com" as one of my NS set,
then there'd be a glue record in there, and it'd offer that up as
well, so maybe SOA would be a more "safe" solution there).
But is the path SUPPOSED to be "chase down the SOA, then chase down
the NS"? My understanding is that just chasing the NS should be fine....
D
More information about the RFCI-Discuss
mailing list