EL 5.x v.s. EL6.x | BIND Root Hint Referral Reponse List - DifferenceEl 5.x v.s. EL6.
We had explicitly disabled RECURSION on DNS Servers in Both cases, and set "minimal-responses no;" manually @ Global Option level.
Systems :- RHEL -> 5.2 (bind 9.3.4) | RHEL ->6.0 (bind 9.7.0)
Case 1) DNS Client -> RHEL 6.0 | DNS Server -> RHEL 5.2
[harmandeep@rhel-60-02 Desktop]$ dig @192.168.31.22 yahoo.com
; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> @192.168.31.22 yahoo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21442
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;yahoo.com. IN A
;; AUTHORITY SECTION:
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
;; Query time: 17 msec
;; SERVER: 192.168.31.22#53(192.168.31.22)
;; WHEN: Mon Oct 3 09:45:40 2011
;; MSG SIZE rcvd: 238
Case 2) DNS Client -> RHEL 6.0 | DNS Server -> RHEL 6.0
[harmandeep@rhel-60-02 Desktop]$ dig @192.168.31.61 yahoo.com
; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> @192.168.31.61 yahoo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 34387
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;yahoo.com. IN A
;; Query time: 3 msec
;; SERVER: 192.168.31.61#53(192.168.31.61)
;; WHEN: Mon Oct 3 09:50:46 2011
;; MSG SIZE rcvd: 27
Now we can see that in CASE 1) , our DNS Server also provided names of the ROOT hints in response to DNS Client , whereas in CASE 2) it doesn't
So, it must be mostly due to an OPTION which is working in Case2) BIND Server as default , nlike in Case 1)
So any hint Guys
Regards
|