The answers will be cached regardless of the setting of the AA flag. I
would suspect that most -- or at least a large percentage -- of DNS
queries made by endpoint clients are to upstream resolvers which don't
happen to be authoritative for the zone(s) in question, so AA=0 is very
common in practice and lookup caching wouldn't work very well if it were
limited to only AA=1 responses.
Note that if a "full" resolver gets "better" data in a DNS response than
what it has already cached, it may overwrite the existing cache data
with the new data. The determination of what is "better" is spelled out
in the data ranking rules in RFC 2181 and isn't directly related to the
setting of the AA flag. Among other things, this means that when
following a delegation chain, the NS records directly from the
authoritative nameservers for a zone, if available, will overwrite the
delegating NS records encountered earlier in the resolution process.
- Kevin
P.S. You did notice that you're performing recursive queries against
nameservers which don't offer recursion, right? That might be a possible
source of confusion.
On 1/4/2011 10:28 PM, p...@mail.nsbeta.info wrote:
Hello,
I'm not sure about, is it true that only the response which has
included the "aa" in flags can be cached by client DNS Cache?
For example, for my domain, there are two queries below, the result
for the first query won't be cached, but the second will be cached, am
I right?
$ dig mail.nsbeta.info ns @ns34.domaincontrol.com
; <<>> DiG 9.4.2-P2 <<>> mail.nsbeta.info ns @ns34.domaincontrol.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12892
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;mail.nsbeta.info. IN NS
;; ANSWER SECTION:
mail.nsbeta.info. 1800 IN NS dwdns2.nsbeta.info.
mail.nsbeta.info. 1800 IN NS dwdns1.nsbeta.info.
;; ADDITIONAL SECTION:
dwdns2.nsbeta.info. 3600 IN A 219.129.239.5
dwdns1.nsbeta.info. 3600 IN A 120.132.133.48
--------------------------------------------------
$ dig mail.nsbeta.info ns @dwdns2.nsbeta.info
; <<>> DiG 9.4.2-P2 <<>> mail.nsbeta.info ns @dwdns2.nsbeta.info
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28561
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;mail.nsbeta.info. IN NS
;; ANSWER SECTION:
mail.nsbeta.info. 3600 IN NS dwdns1.nsbeta.info.
mail.nsbeta.info. 3600 IN NS dwdns2.nsbeta.info.
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users