Re: 'dig -t any ...' question

jim, thanks for your support, unfortunately I have to go, I will go
through you mail today evening,

I am really having problems, having bind retrying to authoritative
servers, I am surprised that dig work for you, since it doesn't work for
me and it tries for several time all the authoritative servers I have
and than it times-out:-( I hope it might be configuration issue, but I
doubt it.

I was really under impression, cache type *glue* is not provided to a
recursive clients, that's how it works here for me:-(

just a sample

ns3.emirates.net.ae# jobs
[1] + Running snoop 10.1.1.1
ns3.emirates.net.ae#
ns3.emirates.net.ae#
ns3.emirates.net.ae# dig any ladislav.name.ae
ns3.emirates.net.ae -> 10.1.1.1 DNS C ladislav.name.ae. Internet * ?
ns3.emirates.net.ae -> 10.1.1.1 DNS C ladislav.name.ae. Internet * ?
ns3.emirates.net.ae -> 10.1.1.1 DNS C fake1.ladislav.name.ae.
Internet Unknown (38) ?
ns3.emirates.net.ae -> 10.1.1.1 DNS C fake2.ladislav.name.ae.
Internet Unknown (38) ?
ns3.emirates.net.ae -> 10.1.1.1 DNS C fake3.ladislav.name.ae.
Internet Unknown (38) ?
ns3.emirates.net.ae -> 10.1.1.1 DNS C fake4.ladislav.name.ae.
Internet Unknown (38) ?
ns3.emirates.net.ae -> 10.1.1.1 DNS C fake5.ladislav.name.ae.
Internet Unknown (38) ?

; <<>> DiG 9.2.3 <<>> any ladislav.name.ae
;; global options: printcmd
;; connection timed out; no servers could be reached

ns3.emirates.net.ae# dig any ladislav.name.ae +norec

; <<>> DiG 9.2.3 <<>> any ladislav.name.ae +norec
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47234
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 5, ADDITIONAL: 0

;; QUESTION SECTION:
;ladislav.name.ae. IN ANY

;; AUTHORITY SECTION:
ladislav.name.ae. 3278 IN NS fake2.ladislav.name.ae.
ladislav.name.ae. 3278 IN NS fake3.ladislav.name.ae.
ladislav.name.ae. 3278 IN NS fake4.ladislav.name.ae.
ladislav.name.ae. 3278 IN NS fake5.ladislav.name.ae.
ladislav.name.ae. 3278 IN NS fake1.ladislav.name.ae.

;; Query time: 42 msec
;; SERVER: 194.170.1.99#53(194.170.1.99)
;; WHEN: Sat Jun 12 15:24:18 2004
;; MSG SIZE rcvd: 134

can you explain this ?

Ladislav


Jim Reid wrote:
>>>>>>"Ladislav" == Ladislav Vobr <lvobr@ies.etisalat.ae> writes:
>
>
> Ladislav> what's so special about ANY?
>
> Nothing. You just don't seem to understand what it means. A QYTPE of
> ANY means "give me whatever RRs you have for this name". That's all.
> See my earlier posting for more info.
>
> Ladislav> Why any recursive servers don't do it's best to satisfy
> Ladislav> the recursive client with the reply from the authoritative
> Ladislav> server, that's why we call it recursive right?
>
> Wrong. We call it recursive because the server is able to recursively
> make iterative queries to resolve a query on behalf of some client.
> It doesn't mean the server does that: it can answer from its cache
> which might or might not have been populated with data returned from
> earlier queries to authoritative servers. No assumptions can or should
> be made about how a recursive server provides answers. It should of
> course interrogate authoritative servers when nothing has been
> cached. But that cannot be guaranteed. And even if it does query
> authoritative servers, the answer might not be correct. The DNS is
> loosely coupled remember. It can take time for a zone's authoritative
> servers to converge on the same copy of the zone data after the zone
> gets updated. They don't all update the zone simultaneously.
>
> You seem to think that an ANY QTYPE means a server must retrieve every
> RR for the name. That's not the case. In fact this is impossible. The
> master server could change the RRs immediately after answering your
> hypothetical EVERY query before that reply gets back to the client.
> It's not even the case that a server must query an authoritative
> server in order to respond to an ANY query.
>
> Remember too that one of the key strengths of the DNS is caching. In
> some sense this means that recursive servers are lazy. They'll answer
> from cache every time unless there's nothing relevant in the cache and
> they're forced to resolve something. This is why people need to think
> carefully about TTL values. How many times have we seen postings here
> where there's been a long-lived TTL for a web or mail server that then
> gets renumbered and the poster whines that traffic still goes to the
> old address even though they've updated the zone?
>
> Ladislav> to do this kind of work for the
> Ladislav> client, how can it take answer from the parent and
> Ladislav> consider the task done?
>
> Because that's how the DNS works.
>
> Ladislav> I have problem with ladislav.name.ae
>
> .... snipped ....
>
> This appears to be either a wierd local set-up or else you have a
> misunderstanding of what's going on.
>