Estou brincando com o NSLOOKUP tentando aprender sobre pesquisas de DNS recursivas. Eu estou procurando um nome de host falso e parece que estou obtendo os mesmos resultados se habilito ou desabilito a recursão.
com recursão:
nslookup
Default Server: UnKnown
Address: ::1
> set recurse
> set debug
> nytimes
Server: UnKnown
Address: ::1
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
nytimes.intranet.contoso.com, type = A, class = IN
AUTHORITY RECORDS:
-> intranet.contoso.com
ttl = 3600 (1 hour)
primary name server = DNSSERVER.intranet.contoso.com
responsible mail addr = hostmaster.intranet.contoso.com
serial = 10301
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
nytimes.intranet.contoso.com, type = AAAA, class = IN
AUTHORITY RECORDS:
-> intranet.contoso.com
ttl = 3600 (1 hour)
primary name server = DNSSERVER.intranet.contoso.com
responsible mail addr = hostmaster.intranet.contoso.com
serial = 10301
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
nytimes.contoso.com, type = A, class = IN
ANSWERS:
-> nytimes.contoso.com
internet address = 74.125.226.195
ttl = 1800 (30 mins)
------------
Non-authoritative answer:
------------
Got answer:
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
nytimes.contoso.com, type = AAAA, class = IN
AUTHORITY RECORDS:
-> contoso.com
ttl = 900 (15 mins)
primary name server = dns01.gpn.register.com
responsible mail addr = partnersupport.register.com
serial = 2002050701
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 3600 (1 hour)
------------
Name: nytimes.contoso.com
Address: 74.125.226.195
>
Sem recursão:
nslookup
Default Server: UnKnown
Address: ::1
> set norecurse
> set debug
> nytimes
Server: UnKnown
Address: ::1
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
nytimes.intranet.contoso.com, type = A, class = IN
AUTHORITY RECORDS:
-> intranet.contoso.com
ttl = 3600 (1 hour)
primary name server = DNSSERVER.intranet.contoso.com
responsible mail addr = hostmaster.intranet.contoso.com
serial = 10301
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, auth. answer, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
nytimes.intranet.contoso.com, type = AAAA, class = IN
AUTHORITY RECORDS:
-> intranet.contoso.com
ttl = 3600 (1 hour)
primary name server = DNSSERVER.intranet.contoso.com
responsible mail addr = hostmaster.intranet.contoso.com
serial = 10301
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: response, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
nytimes.contoso.com, type = A, class = IN
ANSWERS:
-> nytimes.contoso.com
internet address = 74.125.226.195
ttl = 1526 (25 mins 26 secs)
------------
Non-authoritative answer:
------------
Got answer:
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: response, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
nytimes.contoso.com, type = AAAA, class = IN
AUTHORITY RECORDS:
-> contoso.com
ttl = 626 (10 mins 26 secs)
primary name server = dns01.gpn.register.com
responsible mail addr = partnersupport.register.com
serial = 2002050701
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 3600 (1 hour)
------------
Name: nytimes.contoso.com
Address: 74.125.226.195
>
Parece que ele está usando recursão mesmo quando eu o desativei. O engraçado é que se eu procurar o falso nome de host especificando 4.2.2.2 como o servidor DNS, a configuração de recursão entrará em vigor. Alguém sabe por que isso está acontecendo?
BTW eu higienizei os nomes de host
O servidor retorna respostas autoritativas para o domínio quando você tem norecurse definido, além de estar disposto a realizar uma recursão para você. Não importa se o sinalizador de recursão está definido ou não.
Got answer: HEADER: header flags: response, auth. answer, recursion avail.