[Pdns-users] Re: Verify PowerDNS answers?

bert hubert bert.hubert at netherlabs.nl
Fri Oct 6 13:41:42 UTC 2006


On Fri, Oct 06, 2006 at 03:19:42PM +0200, Alex van den Bogaerdt wrote:

> This is the difference between bind and pdns when asking for x.$org:

DJB states the following, based on RFC 2308:

Warning about NXDOMAIN: It is clear from RFC 1034 and RFC 1035 that an
NXDOMAIN guarantees the nonexistence of every subdomain of the query domain.
For example, if a cache sees an NXDOMAIN for ns.heaven.af.mil, it can
conclude that a.ns.heaven.af.mil and b.ns.heaven.af.mil don't exist. If a
server has records for a.ns.heaven.af.mil and b.ns.heaven.af.mil, but no
records for ns.heaven.af.mil. it sends a zero-records (#5) response, not an
NXDOMAIN. However, RFC 2308 allows NXDOMAIN even when the domain exists, to
indicate that there are no records of any type under the query name. So it
is essential for interoperability that caches not draw the above conclusion.

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services


More information about the Pdns-users mailing list