3

I'm being asked to determine whether this dig answer is authoritative or not.

I'd say yes, but I am not too keen on that.

The rationale behind believing it is indeed authoritative is that the AUTHORITATIVE SECTION contains two addresses, that from what one can see from the ADDITIONAL SECTION map to 194.117.22.138 and 10.101.85.6.

We know that this answer was replied from 194.117.22.138, so it must be the case that the server is authoritative.

Is my reasoning correct or am I taking the wrong approach here?

enter image description here

devoured elysium
  • 101,373
  • 131
  • 340
  • 557

1 Answers1

10

Please see DNS response flags on the third line of dig output. There is a flag named aa which means "authoritative answer".

Emre Yazici
  • 10,136
  • 6
  • 48
  • 55
  • I was now looking at some dig sheet and I saw that aa thing too. Thanks. But btw, is there anything wrong with my reasoning? Without looking at the aa parameter, would it be possible to know if the answer is authoritative? – devoured elysium Jul 02 '11 at 20:55
  • I suggest http://www.linux.com/learn/tutorials/442431-check-your-dns-records-with-dig as a starting dig tutorial. The authority section tells you what DNS servers can provide an authoritative answer to your query. So you are right in theory. But remember, DNS protocol has lots of security and reliablity concerns. – Emre Yazici Jul 02 '11 at 21:00