[Pdns-users] Re: Verify PowerDNS answers?
bert.hubert at netherlabs.nl
Fri Oct 6 13:41:42 UTC 2006
On Fri, Oct 06, 2006 at 03:19:42PM +0200, Alex van den Bogaerdt wrote:
> This is the difference between bind and pdns when asking for x.$org:
DJB states the following, based on RFC 2308:
Warning about NXDOMAIN: It is clear from RFC 1034 and RFC 1035 that an
NXDOMAIN guarantees the nonexistence of every subdomain of the query domain.
For example, if a cache sees an NXDOMAIN for ns.heaven.af.mil, it can
conclude that a.ns.heaven.af.mil and b.ns.heaven.af.mil don't exist. If a
server has records for a.ns.heaven.af.mil and b.ns.heaven.af.mil, but no
records for ns.heaven.af.mil. it sends a zero-records (#5) response, not an
NXDOMAIN. However, RFC 2308 allows NXDOMAIN even when the domain exists, to
indicate that there are no records of any type under the query name. So it
is essential for interoperability that caches not draw the above conclusion.
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
More information about the Pdns-users