pesquisas de DNS com / sem recursão no NSLOOKUP

3

Estou brincando com o NSLOOKUP tentando aprender sobre pesquisas de DNS recursivas. Eu estou procurando um nome de host falso e parece que estou obtendo os mesmos resultados se habilito ou desabilito a recursão.

com recursão:

nslookup
Default Server:  UnKnown
Address:  ::1

> set recurse
> set debug
> nytimes
Server:  UnKnown
Address:  ::1

------------
Got answer:
HEADER:
    opcode = QUERY, id = 2, rcode = NXDOMAIN
    header flags:  response, auth. answer, want recursion, recursion avail.
    questions = 1,  answers = 0,  authority records = 1,  additional = 0

QUESTIONS:
    nytimes.intranet.contoso.com, type = A, class = IN
AUTHORITY RECORDS:
->  intranet.contoso.com
    ttl = 3600 (1 hour)
    primary name server = DNSSERVER.intranet.contoso.com
    responsible mail addr = hostmaster.intranet.contoso.com
    serial  = 10301
    refresh = 900 (15 mins)
    retry   = 600 (10 mins)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)

------------
------------
Got answer:
HEADER:
    opcode = QUERY, id = 3, rcode = NXDOMAIN
    header flags:  response, auth. answer, want recursion, recursion avail.
    questions = 1,  answers = 0,  authority records = 1,  additional = 0

QUESTIONS:
    nytimes.intranet.contoso.com, type = AAAA, class = IN
AUTHORITY RECORDS:
->  intranet.contoso.com
    ttl = 3600 (1 hour)
    primary name server = DNSSERVER.intranet.contoso.com
    responsible mail addr = hostmaster.intranet.contoso.com
    serial  = 10301
    refresh = 900 (15 mins)
    retry   = 600 (10 mins)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)

------------
------------
Got answer:
HEADER:
    opcode = QUERY, id = 4, rcode = NOERROR
    header flags:  response, want recursion, recursion avail.
    questions = 1,  answers = 1,  authority records = 0,  additional = 0

QUESTIONS:
    nytimes.contoso.com, type = A, class = IN
ANSWERS:
->  nytimes.contoso.com
    internet address = 74.125.226.195
    ttl = 1800 (30 mins)

------------
Non-authoritative answer:
------------
Got answer:
HEADER:
    opcode = QUERY, id = 5, rcode = NOERROR
    header flags:  response, want recursion, recursion avail.
    questions = 1,  answers = 0,  authority records = 1,  additional = 0

QUESTIONS:
    nytimes.contoso.com, type = AAAA, class = IN
AUTHORITY RECORDS:
->  contoso.com
    ttl = 900 (15 mins)
    primary name server = dns01.gpn.register.com
    responsible mail addr = partnersupport.register.com
    serial  = 2002050701
    refresh = 10800 (3 hours)
    retry   = 3600 (1 hour)
    expire  = 604800 (7 days)
    default TTL = 3600 (1 hour)

------------
Name:    nytimes.contoso.com
Address:  74.125.226.195

>

Sem recursão:

nslookup
Default Server:  UnKnown
Address:  ::1

> set norecurse
> set debug
> nytimes
Server:  UnKnown
Address:  ::1

------------
Got answer:
HEADER:
    opcode = QUERY, id = 2, rcode = NXDOMAIN
    header flags:  response, auth. answer, recursion avail.
    questions = 1,  answers = 0,  authority records = 1,  additional = 0

QUESTIONS:
    nytimes.intranet.contoso.com, type = A, class = IN
AUTHORITY RECORDS:
->  intranet.contoso.com
    ttl = 3600 (1 hour)
    primary name server = DNSSERVER.intranet.contoso.com
    responsible mail addr = hostmaster.intranet.contoso.com
    serial  = 10301
    refresh = 900 (15 mins)
    retry   = 600 (10 mins)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)

------------
------------
Got answer:
HEADER:
    opcode = QUERY, id = 3, rcode = NXDOMAIN
    header flags:  response, auth. answer, recursion avail.
    questions = 1,  answers = 0,  authority records = 1,  additional = 0

QUESTIONS:
    nytimes.intranet.contoso.com, type = AAAA, class = IN
AUTHORITY RECORDS:
->  intranet.contoso.com
    ttl = 3600 (1 hour)
    primary name server = DNSSERVER.intranet.contoso.com
    responsible mail addr = hostmaster.intranet.contoso.com
    serial  = 10301
    refresh = 900 (15 mins)
    retry   = 600 (10 mins)
    expire  = 86400 (1 day)
    default TTL = 3600 (1 hour)

------------
------------
Got answer:
HEADER:
    opcode = QUERY, id = 4, rcode = NOERROR
    header flags:  response, recursion avail.
    questions = 1,  answers = 1,  authority records = 0,  additional = 0

QUESTIONS:
    nytimes.contoso.com, type = A, class = IN
ANSWERS:
->  nytimes.contoso.com
    internet address = 74.125.226.195
    ttl = 1526 (25 mins 26 secs)

------------
Non-authoritative answer:
------------
Got answer:
HEADER:
    opcode = QUERY, id = 5, rcode = NOERROR
    header flags:  response, recursion avail.
    questions = 1,  answers = 0,  authority records = 1,  additional = 0

QUESTIONS:
    nytimes.contoso.com, type = AAAA, class = IN
AUTHORITY RECORDS:
->  contoso.com
    ttl = 626 (10 mins 26 secs)
    primary name server = dns01.gpn.register.com
    responsible mail addr = partnersupport.register.com
    serial  = 2002050701
    refresh = 10800 (3 hours)
    retry   = 3600 (1 hour)
    expire  = 604800 (7 days)
    default TTL = 3600 (1 hour)

------------
Name:    nytimes.contoso.com
Address:  74.125.226.195

>

Parece que ele está usando recursão mesmo quando eu o desativei. O engraçado é que se eu procurar o falso nome de host especificando 4.2.2.2 como o servidor DNS, a configuração de recursão entrará em vigor. Alguém sabe por que isso está acontecendo?

BTW eu higienizei os nomes de host

    
por Citrus 08.08.2013 / 07:24

1 resposta

2

O servidor retorna respostas autoritativas para o domínio quando você tem norecurse definido, além de estar disposto a realizar uma recursão para você. Não importa se o sinalizador de recursão está definido ou não.

Got answer: HEADER: header flags: response, auth. answer, recursion avail.

    
por 08.08.2013 / 07:58