## page was renamed from DNS/1/返答/referral/rfc1034 ## page was copied from DNS/1/返答/referral <> ----- [[DNS/返答/referral]]: DNS問合せに対する5種類の返答[[DNS/返答/DJB]]のうちのひとつ、 [[DNS/1/委譲/delegation]] を示すためにも使われる。  (安全のためにはリゾルバーはdelegationではないreferral返答は無視すべきなのだが、当初は毒盛の危険性は想定されていなかった) A referral (a list of two or more name servers and IP addresses that are closer the next level down in the name hierarchy to the requested domain ... リゾルバーを使うためのインタフェースは定義されないらしい。 == rfc1034.txt より == {{{ %grep -2 -n referral rfc1034.txt 187- - Clients of the domain system should be able to identify 188- trusted name servers they prefer to use before accepting 189: referrals to name servers outside of this "trusted" set. 248-The domain system defines procedures for accessing the data and for 249:referrals to other name servers. The domain system also defines 250-procedures for caching retrieved data and for periodic refreshing of 251-data defined by the system administrator. 312- able to access at least one name server and use that name 313- server's information to answer a query directly, or pursue the 314: query using referrals to other name servers. A resolver will 315- typically be a system routine that is directly accessible to 316- user programs; hence no protocol is necessary between the 846-In general, the user does not generate queries directly, but instead 847-makes a request to a resolver which in turn sends one or more queries to 848:name servers and deals with the error conditions and referrals that may 849-result. Of course, the possible questions which can be asked in a query 850-does shape the kind of service a resolver can provide. 1009-name servers can answer queries in a simple manner; the response can 1010-always be generated using only local data, and either contains the 1011:answer to the question or a referral to other name servers "closer" to 1012-the desired information. -- 1134-part of the authoritative data, and are address RRs for the servers. 1135-These RRs are only necessary if the name server's name is "below" the 1136:cut, and are only used as part of a referral response. }}} https://moin.qmail.jp/DNS/RFC/1034/4.3#A14 {{{ 1188- - The simplest mode for the server is non-recursive, since it 1189- can answer queries using only local information: the response 1190: contains an error, the answer, or a referral to some other 1191- server "closer" to the answer. All name servers must 1192- implement non-recursive queries. 1194- - The simplest mode for the client is recursive, since in this 1195- mode the name server acts in the role of a resolver and 1196: returns either an error or the answer, but never referrals. 1197- This service is optional in a name server, and the name server 1198- may also choose to restrict the clients which can use 1212-Non-recursive service is appropriate if the requester is capable of 1213:pursuing referrals and interested in information which will aid future 1214-requests. }}} {{{ 1271- whether the data comes from a zone or is cached. 1272- 1273: A referral to name servers which have zones which are closer 1274- ancestors to the name than the server sending the reply. -- 1320- b. If a match would take us out of the authoritative data, 1321: we have a referral. This happens when we encounter a 1322- node with NS RRs marking cuts along the bottom of a 1323- zone. -- 2450-This response has an empty answer section, but is not authoritative, so 2451:it is a referral. The name server on C.ISI.EDU, realizing that it is 2452-not authoritative for the MIL domain, has referred the requester to 2453-servers on A.ISI.EDU and SRI-NIC.ARPA, which it knows are authoritative -- 2539-This reply contains an authoritative reply for the alias USC-ISIC.ARPA, 2540:plus a referral to the name servers for ISI.EDU. This sort of reply 2541-isn't very likely given that the query is for the host name of the name 2542-server being asked, but would be common for other aliases. }}}