実験2 旧ゾーンサーバがキャッシュ兼用(オープンリゾルバ)で上位Referral を返すケース

-- tss 2013-11-03 00:31:42

実験1と同様に委譲を切り替えた後、旧ゾーンサーバから設定を消す効果に関する実験。

実験1は旧ゾーンサーバが応答を REFUSE する最近の実装のケースだが、この実験ではキャッシュを兼用しオープンリゾルバになっていて上位 Referral を返すというケースを試す。 (BIND 9.8.4-P1) 

root@server3:/ # dig www.bind.nom
dig www.bind.nom

; <<>> DiG 9.8.4-P1 <<>> www.bind.nom
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40835
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;www.bind.nom.                  IN      A

;; ANSWER SECTION:
www.bind.nom.           60      IN      A       172.16.17.1

;; AUTHORITY SECTION:
bind.nom.               180     IN      NS      ns.bind.nom.

;; ADDITIONAL SECTION:
ns.bind.nom.            300     IN      A       172.16.17.1

;; Query time: 7 msec
;; SERVER: 172.16.33.1#53(172.16.33.1)
;; WHEN: Sat Nov  2 04:49:15 2013
;; MSG SIZE  rcvd: 79

root@server3:/ # dig www.bind.nom @172.16.17.1 +norec

; <<>> DiG 9.8.4-P1 <<>> www.bind.nom @172.16.17.1 +norec
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20546
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.bind.nom.                  IN      A

;; AUTHORITY SECTION:
.                       3600000 IN      NS      A.ROOT-SERVERS.NET.

;; Query time: 0 msec
;; SERVER: 172.16.17.1#53(172.16.17.1)
;; WHEN: Sat Nov  2 04:49:51 2013
;; MSG SIZE  rcvd: 61

root@server3:/ # dig www.bind.nom

; <<>> DiG 9.8.4-P1 <<>> www.bind.nom
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40522
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;www.bind.nom.                  IN      A

;; ANSWER SECTION:
www.bind.nom.           17      IN      A       172.16.17.1

;; AUTHORITY SECTION:
bind.nom.               137     IN      NS      ns.bind.nom.

;; ADDITIONAL SECTION:
ns.bind.nom.            257     IN      A       172.16.17.1

;; Query time: 0 msec
;; SERVER: 172.16.33.1#53(172.16.33.1)
;; WHEN: Sat Nov  2 04:49:58 2013
;; MSG SIZE  rcvd: 79

root@server3:/ # dig www.bind.nom

; <<>> DiG 9.8.4-P1 <<>> www.bind.nom
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 61145
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.bind.nom.                  IN      A

;; Query time: 0 msec
;; SERVER: 172.16.33.1#53(172.16.33.1)
;; WHEN: Sat Nov  2 04:50:38 2013
;; MSG SIZE  rcvd: 30

root@server3:/ # dig www.bind.nom

; <<>> DiG 9.8.4-P1 <<>> www.bind.nom
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61980
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;www.bind.nom.                  IN      A

;; ANSWER SECTION:
www.bind.nom.           1800    IN      A       172.16.1.1

;; AUTHORITY SECTION:
bind.nom.               93      IN      NS      ns.bind.nom.

;; ADDITIONAL SECTION:
ns.bind.nom.            286     IN      A       172.16.1.1

;; Query time: 10 msec
;; SERVER: 172.16.33.1#53(172.16.33.1)
;; WHEN: Sat Nov  2 04:50:42 2013
;; MSG SIZE  rcvd: 79

MoinQ: DNS/ゾーン/移転/観察/実験2 (last edited 2021-04-19 09:51:51 by ToshinoriMaeno)