Named returns empty NOERROR instead of NXDOMAIN

Question

I have to force clients to always connect to the same IPv6 address for a demonstration.

I have a similar zone:

; BIND db file for *

$TTL 86400

@       IN      SOA    .      name.surname.me. (
                        2013101001  ; serial number YYMMDDNN
                        28800           ; Refresh
                        7200            ; Retry
                        864000          ; Expire
                        86400           ; Min TTL
            )

                NS      ns1.example.net. 

*   IN  AAAA    fdeb:cadf:715c:f2ef:0:0:0:1

When I request an AAAA record the trick works fine, but normally the client requests only an A record, and since named returns an empty NOERROR response, the client stops trying and doesn't try the AAAA record.

How can I force named to return NXDOMAIN instead of NOERROR on inexistent A records? Or, is there any other way to force a (dual stack) client to use only the AAAA records?

Unfortunately I can't act on the client, it must retain its default configuration — user193565, Oct 11 '13 at 07:33
In that case there's nothing you can do, until you _or someone else_ fixes the client. — Michael Hampton, Oct 11 '13 at 07:39

score 2 · Answer 1 · answered Oct 11 '13 at 09:39

2

NXDMAIN is non-existent domain. In your case domain does exist, just it have no A records and thus your server respnds correctly.

I suppose the reason client does not ask for AAAA is not the correct and expected NOERROR. I'd expet to find some other reason for not asking for AAAA.

answered Oct 11 '13 at 09:39

Sandman4

4,077
2
21
27

thanks. The client *should* try AAAA first, but it doesn't. My best idea now is that I'm only assigning it an IPv6 address and name server, no default route, so it "thinks" it hasn't got ipv6 connectivity. I'll try with router advertisement... – user193565 Oct 11 '13 at 10:10

Named returns empty NOERROR instead of NXDOMAIN

1 Answers1