[Pdns-users] Re: Verify PowerDNS answers?
Alex van den Bogaerdt
alex at ergens.op.het.net
Fri Oct 6 13:19:42 UTC 2006
On Fri, Oct 06, 2006 at 02:11:07PM +0200, bert hubert wrote:
> On Fri, Oct 06, 2006 at 01:57:46PM +0200, Alex van den Bogaerdt wrote:
> > > > This is a bug (although one which is unlikely to occur in the real
> > > > world), not a legal difference in behavior.
> > >
> > > Can you have zones w/o a SOA record then?
> > No, but what does that have to do with domains without RRs?
> A SOA record *IS* an RR, so I don't understand what we are talking about.
> Can you clarify?
Were talking about DOMAINS, NOT ZONES. Sorry for the shouting.
It is perfectly legal to have a domain without any resource records.
@ IN SOA localhost. root.localhost. (
IN NS localhost.
IN A 127.0.0.1
www.x IN A 127.0.0.1
This creates a zone with these domains:
($org being the origin)
$org a domain, containing an A RR, an NS RR, a SOA RR
x.$org a domain, without any RRs
www.x.$org a domain, containing an A RR
This example serves no purpose, except to provide something
simple to look at.
When I created this example, I was writing some tutorial on how
similar domains could be used, e.g. in the SPF "exists" mechanism.
Resource records, if any, are irrelevant for that purpose.
This is the difference between bind and pdns when asking for x.$org:
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26184
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4102
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
Notice how pdns gives an authoritative "does not exist" answer.
More information about the Pdns-users