0

When I do this dig I get no answer...

red@localhost:~$ dig +noall +answer name-one.name-two.com @mydns-server.name-one.com

... but when add name-two.com soa I get an answer for name-one.name-two.com ...

red@localhost:~$ dig +noall +answer name-one.name-two.com name-two.com soa @mydns-server.name-one.com
name-one.name-two.com.   868     IN      A       xx.xxx.xxx.xxx
name-two.com.         2926    IN      SOA     ns41.name-three.com. dns.name-four.net. 2013120202 28800 7200 604800 600

... what is going on here?

Thanks

Red Cricket
  • 470
  • 2
  • 8
  • 21
  • If you removed the `+noall` part, dig would probably tell you – Mathias R. Jessen Dec 03 '13 at 23:08
  • remove the `+noall` tells me `NXDOMAIN` without the `soa` query (as one would expect). But with the `soa` in the dig command it gives me the answer. I just wondering why dig behaves this way. – Red Cricket Dec 03 '13 at 23:46

1 Answers1

1

Directly from dig -h:

Usage:  dig [@global-server] [domain] [q-type] [q-class] {q-opt}
            {global-d-opt} host [@local-server] {local-d-opt}
            [ host [@local-server] {local-d-opt} [...]]

        [...]

        global d-opts and servers (before host name) affect all queries.
        local d-opts and servers (after host name) affect only that lookup.

When you write: 

dig +noall +answer name-one.name-two.com @mydns-server.name-one.com

dig treats it as:

+noall +answer
- global options, applies to all queries

name-one.name-two.com @mydns-server.name-one.com
- host to lookup, at a specific name server

But when you write: 

dig +noall +answer name-one.name-two.com name-two.com soa @mydns-server.name-one.com

dig treats it as:

+noall +answer
- global options, applies to all

name-one.name-two.com
- host to lookup

name-two.com soa @mydns-server.name-one.com
- another lookup for a SOA RR, but this time, at a specific server

So the A RR response you receive for the first host is not from @mydns-server.name-one.com.

Mathias R. Jessen
  • 25,161
  • 4
  • 63
  • 95
  • that's does appear to be the case. Since `dig name-one.name-two.com @mydns-server.name-one.com` returns NXDOMAIN yet `dig name-one.name-two.com name-two.com soa @mydns-server.name-one.com` returns an answer for both the 'A' RR and the 'SOA' RR. – Red Cricket Dec 04 '13 at 16:41
  • @RedCricket My bad, take a look at the update – Mathias R. Jessen Dec 04 '13 at 18:17