DNS/実装/unbound/additional毒について、ここに記述してください。
1. 環境
$ dnsq a xxx.s2.brau.jp 14.192.44.29 1 xxx.s2.brau.jp: 67 bytes, 1+0+1+1 records, response, noerror query: 1 xxx.s2.brau.jp authority: s2.brau.jp 300 NS a.ns.brau.jp additional: a.ns.brau.jp 300 A 14.192.44.5
$ unbound-control flush_zone brau.jp ok removed 3 rrsets, 0 messages and 0 key entries tmaeno@u16:~$ dig -t a xxx.s2.brau.jp @127.0.0.3 ; <<>> DiG 9.12.3 <<>> -t a xxx.s2.brau.jp @127.0.0.3 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63535 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1220 ;; QUESTION SECTION: ;xxx.s2.brau.jp. IN A ;; Query time: 30 msec ;; SERVER: 127.0.0.3#53(127.0.0.3) ;; WHEN: 水 12月 05 15:38:57 JST 2018 ;; MSG SIZE rcvd: 43
delegation 先(毒)を見て返事をしている。
[1543991925] unbound[7346:0] info: control cmd: flush_zone brau.jp [1543991937] unbound[7346:0] info: resolving xxx.s2.brau.jp. A IN [1543991937] unbound[7346:0] info: response for xxx.s2.brau.jp. A IN [1543991937] unbound[7346:0] info: reply from <jp.> 156.154.100.5#53 [1543991937] unbound[7346:0] info: query response was REFERRAL [1543991937] unbound[7346:0] info: response for xxx.s2.brau.jp. A IN [1543991937] unbound[7346:0] info: reply from <brau.jp.> 14.192.44.29#53 [1543991937] unbound[7346:0] info: query response was REFERRAL [1543991937] unbound[7346:0] info: response for xxx.s2.brau.jp. A IN [1543991937] unbound[7346:0] info: reply from <s2.brau.jp.> 14.192.44.5#53 [1543991937] unbound[7346:0] info: query response was NXDOMAIN ANSWER