LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-02-2013, 03:55 PM   #1
joeswat
LQ Newbie
 
Registered: Aug 2013
Posts: 4

Rep: Reputation: Disabled
BIND Non-authoritative.


Been working on BIND for some time now and finally got it to work so other servers can reach for dns lookup however.

if I do dig on Linux machine I get all my answers:

Code:
[myuser@mynixserver ~]# dig @10.x.x.x cnn.com

; <<>> DiG 9.3.4-P1 <<>> @10.x.x.x cnn.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30576
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 2

;; QUESTION SECTION:
;cnn.com.                       IN      A

;; ANSWER SECTION:
cnn.com.                300     IN      A       157.166.226.26
cnn.com.                300     IN      A       157.166.226.25

;; AUTHORITY SECTION:
cnn.com.                170753  IN      NS      ns3.timewarner.net.
cnn.com.                170753  IN      NS      ns2.p42.dynect.net.
cnn.com.                170753  IN      NS      ns1.timewarner.net.
cnn.com.                170753  IN      NS      ns1.p42.dynect.net.

;; ADDITIONAL SECTION:
ns1.timewarner.net.     170753  IN      A       204.74.108.238
ns3.timewarner.net.     170753  IN      A       199.7.68.238
However if I do it from windows server I get almost nothing

Code:
> server 10.x.x.x
Default Server:  [10.x.x.x]
Address:  10.x.x.x

> cnn.com
Server:  [10.x.x.x]
Address:  10.x.x.x

Non-authoritative answer:
Name:    xyz.com
Address:  50.x.y.z
Aliases:  cnn.com.xwz.com
 
Old 09-02-2013, 05:24 PM   #2
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,714

Rep: Reputation: 1280Reputation: 1280Reputation: 1280Reputation: 1280Reputation: 1280Reputation: 1280Reputation: 1280Reputation: 1280Reputation: 1280
What windows is providing is a cached entry, not one from the server. That is why it is "non-authoritative".

This is done to minimize the impact on a name server by thousands of queries. When one tracks down your server, the host (well, name server actually) then caches the answer - so that your server doesn't have to respond any more (at least, not until the timeout interval happens). Over time, thousands of other name servers would pick up your entry - eliminating them from directly contacting your server, and in addition, spread the load out.

OCCASIONALLY, (not very often) I have pre-seeded other name servers by selecting them as a name server and then looking up the designated target. Doing this between the root servers and the intermediate servers between you and the root (there usually is only two or three), greatly reduces an initial load, and can reduce the occurrence of timeouts for users. It doesn't work well when the timeout is long though - the servers will only update after their cache entry times out.

Last edited by jpollard; 09-02-2013 at 05:29 PM.
 
Old 09-02-2013, 05:37 PM   #3
joeswat
LQ Newbie
 
Registered: Aug 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by jpollard View Post
What windows is providing is a cached entry, not one from the server. That is why it is "non-authoritative".

This is done to minimize the impact on a name server by thousands of queries. When one tracks down your server, the host (well, name server actually) then caches the answer - so that your server doesn't have to respond any more (at least, not until the timeout interval happens). Over time, thousands of other name servers would pick up your entry - eliminating them from directly contacting your server, and in addition, spread the load out.

OCCASIONALLY, (not very often) I have pre-seeded other name servers by selecting them as a name server and then looking up the designated target. Doing this between the root servers and the intermediate servers between you and the root (there usually is only two or three), greatly reduces an initial load, and can reduce the occurrence of timeouts for users. It doesn't work well when the timeout is long though - the servers will only update after their cache entry times out.
So weird tho all nix servers are fine (not on domain) all windows servers that are on domain are not doing its job

I thought to try some non-cached domain...on windows server by doing
nslookup
server 10.x.x.x
>zumba.com

and this is what I get back

Code:
02-Sep-2013 17:34:47.008 client 10.x.x.x#22547: query: zumba.xyz.com IN A +
 (10.my.ser.ver)
where zumba.xyz.com (xyz.com) is my internal domain from windows server

Last edited by joeswat; 09-02-2013 at 05:39 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Non Authoritative Zone when using particular View w/ BIND buee Linux - Server 1 06-10-2013 09:11 PM
BIND - How do you remove "Authoritative nameservers" in UDP message? wischad Linux - Networking 3 01-29-2011 11:53 AM
Authoritative Non-Authoritative ouncya Linux - Networking 2 02-01-2008 10:51 AM
sftp - non-authoritative mode turbo_acura Linux - Networking 1 10-26-2004 06:49 PM
authoritative dns how to viperusn Linux - Networking 7 03-22-2004 12:49 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 07:36 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration