[wellylug] Weird DNS issue with Xtra DNS
Jp Wise
jpwise at theflat.net.nz
Sun May 14 17:55:56 NZST 2006
For anyone that was curious and wanted further information it's call DNS
Recursion. When configuring a dns server you can either configure it to
allow recursion or not.
Disabling recursion only affects domains that aren't hosted by that
server, the server will still respond to domains it hosts without issue.
Jp.
Mark Foster wrote:
>
>
>> 1) Accept DNS queries from 'local' users and answer regardless of the
>> query,
>>
>> 2) Accept DNS queries from 'all' users and answer only for 'local'
>> domains aka those hosted on the NS in question.
>>
>> So what I meant to say was that Ihug's NS (the last time I tried,
>> anyway) would reject DNS queries from non-Ihug users for domains that
>> were not actually delegated to their NS. i.e. Locally hosted domains
>> would work fine.
>>
>
> This is an example:
>
> blakjak at maverick:~$ dig www.blakjak.net A @ns1.ihug.net.nz
>
> ; <<>> DiG 9.2.4 <<>> www.blakjak.net A @ns1.ihug.net.nz
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 33179
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.blakjak.net. IN A
>
> ;; Query time: 3 msec
> ;; SERVER: 203.109.252.7#53(ns1.ihug.net.nz)
> ;; WHEN: Sun May 14 17:39:53 2006
> ;; MSG SIZE rcvd: 33
>
>
> Note the status of the query.
>
> Presumably ns1.ihug.net.nz isnt the same as the IP you have in your
> resolv.conf, but this illustrates what can be done with NS anyway.
>
> Moral: Use your ISP's DNS as a first. Be selective about any third
> party NS you use beyond that, as the results may be predictable (or
> changeable)...
>
>
>
More information about the wellylug
mailing list