lost and found ( for me ? )

BIND, unbound: differences in ANY query handling

The answers to ANY queries differed, so I captured the traffic, and
it looks like BIND and unbound handle ANY queries differently.

BIND 9.6.2rc1
unbound 1.4.1

BIND sends the ANY query to x.gtld-servers.net and stops there.

After the ANY query to x.gtld-servers.net, unbound also sends an ANY query
to the google.com NS (ns1-4.google.com).

- BIND

# dig @127.1 google.com any

; <<>> DiG 9.6.2rc1 <<>> @127.1 google.com any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8129
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;google.com. IN ANY

;; ANSWER SECTION:
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns3.google.com.
google.com. 172800 IN NS ns4.google.com.
google.com. 172800 IN NS ns1.google.com.

;; AUTHORITY SECTION:
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns4.google.com.
google.com. 172800 IN NS ns3.google.com.
google.com. 172800 IN NS ns1.google.com.

;; ADDITIONAL SECTION:
ns1.google.com. 172800 IN A 216.239.32.10
ns2.google.com. 172800 IN A 216.239.34.10
ns3.google.com. 172800 IN A 216.239.36.10
ns4.google.com. 172800 IN A 216.239.38.10

The BIND IP is 192.168.73.128
C.GTLD-SERVERS.NET. A 192.26.92.30

# tshark -i eth0 port 53
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0
0.000000 192.168.73.128 -> 192.26.92.30 DNS Standard query ANY google.com
0.194115 192.26.92.30 -> 192.168.73.128 DNS Standard query response NS ns1.google.com NS ns2.google.com NS ns3.google.com NS ns4.google.com

- unbound

# dig @127.1 google.com any

; <<>> DiG 9.6.2rc1 <<>> @127.1 google.com any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18219
;; flags: qr rd ra; QUERY: 1, ANSWER: 14, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com. IN ANY

;; ANSWER SECTION:
google.com. 300 IN A 66.249.89.103
google.com. 300 IN A 66.249.89.104
google.com. 300 IN A 66.249.89.147
google.com. 300 IN A 66.249.89.99
google.com. 345600 IN NS ns1.google.com.
google.com. 345600 IN NS ns2.google.com.
google.com. 345600 IN NS ns3.google.com.
google.com. 345600 IN NS ns4.google.com.
google.com. 86400 IN SOA ns1.google.com. dns-admin.google.com. 1406920 7200 1800 1209600 300
google.com. 900 IN MX 100 google.com.s9a1.psmtp.com.
google.com. 900 IN MX 400 google.com.s9b2.psmtp.com.
google.com. 900 IN MX 200 google.com.s9a2.psmtp.com.
google.com. 900 IN MX 300 google.com.s9b1.psmtp.com.
google.com. 3600 IN TXT "v=spf1 include:_netblocks.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all"


The unbound IP is 192.168.73.127
M.GTLD-SERVERS.NET. A 192.55.83.30
216.239.36.10 is ns3.google.com

# tshark -i eth0 port 53
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0
0.000000 192.168.73.128 -> 192.55.83.30 DNS Standard query ANY google.com
0.092377 192.55.83.30 -> 192.168.73.128 DNS Standard query response NS ns1.google.com NS ns2.google.com NS ns3.google.com NS ns4.google.com
0.092825 192.168.73.128 -> 216.239.36.10 DNS Standard query ANY google.com
0.135005 216.239.36.10 -> 192.168.73.128 DNS Standard query response A 66.249.89.103 A 66.249.89.104 A 66.249.89.147 A 66.249.89.99 NS ns1.google.com NS ns2.google.com SOA ns1.google.com MX 100 google.com.s9a1.psmtp.com NS ns3.google.com TXT NS ns4.google.com MX 400 google.com.s9b2.psmtp.com MX 200 google.com.s9a2.psmtp.com MX 300 google.com.s9b1.psmtp.com
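
The difference seen in the two captures above can be checked mechanically. This is an added example, not part of the original post: it parses the tshark summary lines copied from this page and labels whether the resolver stopped at the gTLD referral or followed it to the zone's own name servers. The function names, labels and the record-type list are assumptions made for this example.

```python
import re

# tshark one-line summaries copied from the two captures on this page.
BIND_CAPTURE = """\
0.000000 192.168.73.128 -> 192.26.92.30 DNS Standard query ANY google.com
0.194115 192.26.92.30 -> 192.168.73.128 DNS Standard query response NS ns1.google.com NS ns2.google.com NS ns3.google.com NS ns4.google.com
"""
UNBOUND_CAPTURE = """\
0.000000 192.168.73.128 -> 192.55.83.30 DNS Standard query ANY google.com
0.092377 192.55.83.30 -> 192.168.73.128 DNS Standard query response NS ns1.google.com NS ns2.google.com NS ns3.google.com NS ns4.google.com
0.092825 192.168.73.128 -> 216.239.36.10 DNS Standard query ANY google.com
0.135005 216.239.36.10 -> 192.168.73.128 DNS Standard query response A 66.249.89.103 A 66.249.89.104 A 66.249.89.147 A 66.249.89.99 NS ns1.google.com NS ns2.google.com SOA ns1.google.com MX 100 google.com.s9a1.psmtp.com NS ns3.google.com TXT NS ns4.google.com MX 400 google.com.s9b2.psmtp.com MX 200 google.com.s9a2.psmtp.com MX 300 google.com.s9b1.psmtp.com
"""

# Fields: time, source, destination, then "Standard query [response] <details>".
LINE = re.compile(
    r"^\s*\d+\.\d+\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s+DNS\s+"
    r"Standard query (?P<resp>response\s+)?(?P<body>.*)$"
)
RRTYPES = {"A", "AAAA", "NS", "SOA", "MX", "TXT", "CNAME"}  # assumed list

def parse(capture):
    """Turn summary lines into query/response events."""
    events = []
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skips tshark banner lines and anything non-DNS
        tokens = m["body"].split()
        if m["resp"]:
            rtypes = {t for t in tokens if t in RRTYPES}
            events.append({"kind": "response", "server": m["src"], "rtypes": rtypes})
        elif len(tokens) >= 2:
            events.append({"kind": "query", "server": m["dst"], "qtype": tokens[0]})
    return events

def classify(capture):
    """Label how far upstream the resolver took an ANY query."""
    events = parse(capture)
    servers = list(dict.fromkeys(
        e["server"] for e in events if e["kind"] == "query" and e["qtype"] == "ANY"))
    answers = {e["server"]: e["rtypes"] for e in events if e["kind"] == "response"}
    last = answers.get(servers[-1], set()) if servers else set()
    if len(servers) >= 2 and last - {"NS"}:
        return "followed-referral"    # a second ANY went to the zone's own NS
    if len(servers) == 1 and last == {"NS"}:
        return "stopped-at-referral"  # NS-only referral was the last upstream reply
    return "unknown"
```
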
