DNS/毒盛/Unbound/NXDOMAIN/Auth毒

DNS/毒盛/Additional/referral毒について、ここに記述してください。

$ unbound-control flush_zone brau.jp
ok removed 3 rrsets, 2 messages and 0 key entries

$ dig xxx.s2.brau.jp @127.0.0.3
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24568

$ dig a.ns.brau.jp @127.0.0.3
;; ANSWER SECTION:
a.ns.brau.jp.           86400   IN      A       14.192.44.5
a.ns.brau.jp.           86400   IN      A       127.0.0.1

[1543894648] unbound[1587:0] info: control cmd:  flush_zone brau.jp
[1543894682] unbound[1587:0] info: resolving xxx.s2.brau.jp. A IN
[1543894682] unbound[1587:0] info: response for xxx.s2.brau.jp. A IN
[1543894682] unbound[1587:0] info: reply from <jp.> 192.50.43.53#53
[1543894682] unbound[1587:0] info: query response was REFERRAL
[1543894682] unbound[1587:0] info: response for xxx.s2.brau.jp. A IN
[1543894682] unbound[1587:0] info: reply from <brau.jp.> 14.192.44.29#53
[1543894682] unbound[1587:0] info: query response was REFERRAL
[1543894682] unbound[1587:0] info: response for xxx.s2.brau.jp. A IN
[1543894682] unbound[1587:0] info: reply from <s2.brau.jp.> 14.192.44.5#53
[1543894682] unbound[1587:0] info: query response was NXDOMAIN ANSWER
  ここで14.192.44.5に問合せているのは、直前のREFERRAL返答のAdditionalだろう。

ここの問合せ先は毒だという設定である。(つまり、毒盛可) キャッシュの上書き(referral) OK
[1543894744] unbound[1587:0] info: resolving a.ns.brau.jp. A IN
[1543894744] unbound[1587:0] info: response for a.ns.brau.jp. A IN
[1543894744] unbound[1587:0] info: reply from <brau.jp.> 14.192.44.5#53
[1543894744] unbound[1587:0] info: query response was NXDOMAIN ANSWER
[1543894744] unbound[1587:0] info: resolving ns.brau.jp. A IN

[1543894744] unbound[1587:0] info: response for a.ns.brau.jp. A IN
[1543894744] unbound[1587:0] info: reply from <brau.jp.> 14.192.44.5#53
[1543894744] unbound[1587:0] info: query response was ANSWER

MoinQ: DNS/毒盛/Unbound/NXDOMAIN/Auth毒