At the top of this post I'd first like to thank Jonathan for a great reply (which for some reason never seemed to make it onto the usenet mirror of this group.) - exactly what I was hoping for.
S. ---- On 10 April 2010 4:26 AM, Jonathan de Boyne Pollard wrote >>> What I am hoping is that somebody might be able to help point me in the direction of an RFC or >>> specification document that might explain the "PROPER" response. JdBP >> It's RFC 2308 ยง2.1 <http://tools.ietf.org./html/rfc2308#section-2.1> , and the proper interpretation of the JdBP >> responses that you are seeing from 81.187.81.32 and 81.187.30.41 is exactly as per JdBP >> the Type 1 example given in that section of the RFC: [...] JdBP >> Ignore all of the wittering about cache poisoning, by the way. It's nonsense. JdBP >> Bailiwick is entirely in the eye of the beholder, so content DNS servers are not required to tailor their responses to it. [...] Time for me to study the RFCs in detail I think ... JdBP >> The problem is why Microsoft's DNS server is getting this wrong. [...] JdBP >> The bad news is that you're not going to find this out from the BIND User's mailing list. But perhaps the BIND group will help describe "what it should be doing right" ... (And it seems that thanks to your post, I've found just the RFC) JdBP >> It is not where experts on Microsoft's DNS server generally hang out, JdBP >> as you've probably noticed if you've read any of the back messages before posting JdBP >> (as you should have <http://homepage.ntlworld.com./jonathan.deboynepollard/FGA/read-the-back-mes sages.html> ). Oops - my mistake - Although I did read a FEW messages, I probable should have scanned through the archives a bit more before posting. JdBP >> Post to the microsoft.public.windows.server.dns newsgroup, and knowledgeable people there such as Ace Fekay and others will JdBP >> show you how to configure Microsoft's DNS server to log the details of its query resolution [...] I had originally tried the Microsoft Technet forums (e.g. http://social.technet.microsoft.com/Forums/en-GB/winserverNIS/thread/53f0798 2-01d4-4c62-b877-9f84f7095cb0) , and suppose that I could also have tried the Microsoft DNS-newgroup aswell.. However, by this time I had already raised a full "support incident" with Microsoft (after already having captured a number of logs, query-lookups, and network-traces, including those from BIND) so it seemed a bit redundant to post in a Microsoft newsgroup. JdBP >> By the way, this part of RFC 2308 is a sore point. A lot of content DNS servers get the RFC 1034 algorithm wrong when publishing alias chains, most notably djbdns [...] All good points. Steven. _______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
