MoinQ:

DNS/実装/unbound/additional毒について、ここに記述してください。

1. 環境

$ dnsq a xxx.s2.brau.jp 14.192.44.29
1 xxx.s2.brau.jp:
67 bytes, 1+0+1+1 records, response, noerror
query: 1 xxx.s2.brau.jp
authority: s2.brau.jp 300 NS a.ns.brau.jp
additional: a.ns.brau.jp 300 A 14.192.44.5

$ unbound-control flush_zone brau.jp
ok removed 3 rrsets, 0 messages and 0 key entries

tmaeno@u16:~$ dig -t a xxx.s2.brau.jp @127.0.0.3

; <<>> DiG 9.12.3 <<>> -t a xxx.s2.brau.jp @127.0.0.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63535
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1220
;; QUESTION SECTION:
;xxx.s2.brau.jp.                        IN      A

;; Query time: 30 msec
;; SERVER: 127.0.0.3#53(127.0.0.3)
;; WHEN: 水 12月 05 15:38:57 JST 2018
;; MSG SIZE  rcvd: 43

delegation 先(毒)を見て返事をしている。

[1543991925] unbound[7346:0] info: control cmd:  flush_zone brau.jp

[1543991937] unbound[7346:0] info: resolving xxx.s2.brau.jp. A IN
[1543991937] unbound[7346:0] info: response for xxx.s2.brau.jp. A IN
[1543991937] unbound[7346:0] info: reply from <jp.> 156.154.100.5#53
[1543991937] unbound[7346:0] info: query response was REFERRAL
[1543991937] unbound[7346:0] info: response for xxx.s2.brau.jp. A IN
[1543991937] unbound[7346:0] info: reply from <brau.jp.> 14.192.44.29#53
[1543991937] unbound[7346:0] info: query response was REFERRAL

[1543991937] unbound[7346:0] info: response for xxx.s2.brau.jp. A IN
[1543991937] unbound[7346:0] info: reply from <s2.brau.jp.> 14.192.44.5#53
[1543991937] unbound[7346:0] info: query response was NXDOMAIN ANSWER