1. DNS/実装/KnotDNS/minimal-response
[knot-dns-users] Additional section https://lists.nic.cz/pipermail/knot-dns-users/2015-June/000630.html
The modern resolvers generally throw away any records that are not within very strict bailiwick (e.g. anything extra that resolver hasn't asked for will be discarded). If you can give us an example of such responses we can decode why the records won't be used by resolvers (or whether it is really bug in Knot DNS).
https://lists.nic.cz/pipermail/knot-dns-users/2015-June/000632.html
https://lists.nic.cz/pipermail/knot-dns-users/2015-September/000710.html
> I agree that resolvers could probably do better than to eagerly > overwrite a cached NS RRset with whatever just came in off the wire. > (In the non-DNSSEC case.)
$ dnsq ns cz 194.0.12.1
2 cz: 91 bytes, 1+4+0+0 records, response, authoritative, noerror query: 2 cz answer: cz 18000 NS a.ns.nic.cz answer: cz 18000 NS d.ns.nic.cz answer: cz 18000 NS c.ns.nic.cz answer: cz 18000 NS b.ns.nic.cz
変わったか。-- ToshinoriMaeno 2015-12-12 23:58:19 %dnsq ns cz 194.0.12.1 ~
2 cz: 223 bytes, 1+4+0+6 records, response, authoritative, noerror query: 2 cz answer: cz 18000 NS a.ns.nic.cz answer: cz 18000 NS b.ns.nic.cz answer: cz 18000 NS c.ns.nic.cz answer: cz 18000 NS d.ns.nic.cz additional: a.ns.nic.cz 18000 A 194.0.12.1 additional: a.ns.nic.cz 18000 28 \040\001\006x\000\017\000\000\000\000\000\000\000\000\000\001 additional: b.ns.nic.cz 18000 A 194.0.13.1 additional: b.ns.nic.cz 18000 28 \040\001\006x\000\020\000\000\000\000\000\000\000\000\000\001 additional: d.ns.nic.cz 18000 A 193.29.206.1 additional: d.ns.nic.cz 18000 28 \040\001\006x\000\001\000\000\000\000\000\000\000\000\000\001
だが、なぜか c.ns.nic.cz には additionalがついていない。
ここのadditionalはanswer sectionにあるNSレコードに対するもの。
2. nic.cz
$ dnsq ns nic.cz 194.0.12.1
2 nic.cz: 207 bytes, 1+3+0+6 records, response, authoritative, noerror query: 2 nic.cz answer: nic.cz 1800 NS a.ns.nic.cz answer: nic.cz 1800 NS b.ns.nic.cz answer: nic.cz 1800 NS d.ns.nic.cz additional: a.ns.nic.cz 1800 A 194.0.12.1 additional: a.ns.nic.cz 1800 28 \040\001\006x\000\017\000\000\000\000\000\000\000\000\000\001 additional: b.ns.nic.cz 1800 A 194.0.13.1 additional: b.ns.nic.cz 1800 28 \040\001\006x\000\020\000\000\000\000\000\000\000\000\000\001 additional: d.ns.nic.cz 1800 A 193.29.206.1 additional: d.ns.nic.cz 1800 28 \040\001\006x\000\001\000\000\000\000\000\000\000\000\000\001
zone file をもつ(authorityあり)ので、additional sectionがつくということだろう。 -- ToshinoriMaeno 2015-10-08 01:49:41