On Jan 4, 2011, at 9:13 PM, John Levine wrote:
I looked for foo.gurus.org, got an NXDOMAIN, then
queried bar.foo.gurus.org, and it went back to the authoritative server to
get the answer.
I guess I must have misunderstood. If _that_ is how you test it, I
can't imagine a DNS server doing otherwise.
It's not a totally ridiculous idea.
It is.
There's a difference between
NODATA, which means that the name exists but has no records, and
NXDOMAIN which means the name doesn't exist.
Yes.
Assuming the data are
consistent, if you see NXDOMAIN there should be no subdomains of the
name with the NXDOMAIN.
No.
But the DNS crowd hates synthesizing answers
for reasons that strike me as mostly religious, so nobody does.
They're generally not "religious" so much as they're the opinions
of people who know DNS.
NXDOMAIN for c.b.a simply means that there is no RR for c.b.a.
It tells you absolutely nothing about the existence of an RR for d.c.b.a,
and any recursive resolver that synthesized results for such based on
any RRset for c.b.a would be, simply, broken.
platter:test steve$ host 0.0.127.sbl.spamhaus.org
Host 0.0.127.sbl.spamhaus.org not found: 3(NXDOMAIN)
platter:test steve$ host 2.0.0.127.sbl.spamhaus.org
2.0.0.127.sbl.spamhaus.org has address 127.0.0.2
Or a little more complex:
platter:test steve$ host c.b.a.tupid.org
Host c.b.a.tupid.org not found: 3(NXDOMAIN)
platter:test steve$ host d.c.b.a.tupid.org
d.c.b.a.tupid.org has address 127.0.0.1
Cheers,
Steve
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg