CODEWITHSUNDEEP
dns
Siler
Siler

Reputation: 9484

Understanding DNS response header information

I'm in the middle of learning about DNS, and I'm trying to understand how a non-recursive resolver/server would respond to an empty response.

My understanding of DNS is basically that:

If the server returns a non-authoritative response, it will usually provide a list of nameservers (the NSCOUNT) which you can consult to find the authoritative response.

But, what happens if a DNS server returns nothing? As in - just the response header with ANCOUNT = 0, NSCOUNT = 0 and ARCOUNT = 0?

For example, if I query Google's free DNS server (8.8.8.8), and I ask it to resolve "google.com", and the recursion bit is NOT set, this is the response I get:

+---------------------------------------------------------------------------+
| 25550 | QR: 1 | OP: 00 | AA: 0 | TC: 0 | RD: 0 | RA: 1 | Z: 0 | RCODE: 00 |
+---------------------------------------------------------------------------+
| QDCOUNT:     1,   ANCOUNT:     0,   NSCOUNT:     0,   ARCOUNT:     0      |
+---------------------------------------------------------------------------+

So basically, it returned nothing to me except my original query, and it informed me that recursion is available.

In this case, how should the query proceed (assuming we don't just use ask the server to use recursion). Is the only recourse here to contact one of the top-level servers? Or, to put my question another way, how come Google's DNS server didn't return me a list of nameservers (why is NSCOUNT 0?) that I can consult?

Upvotes: 1

Views: 2039

Answers (2)

Manish Maheshwari
Manish Maheshwari

Reputation: 4134

When you said "No Recurse", then the Google's NS did not recurse. Since they are not the authoritative nameservers for google.com, they didn't provide any response. This is normal, and acceptable behaviour.

You can only request with "recurse" bit set, to figure out the A-record for google.com. Other way is:

  1. Find the NS for com., from the root servers.
  2. Find the NS for google.com from one of the com NS.
  3. Find the A record for google.com from the gooogle.com NS.

Basically, you do what the recursive nameserver was supposed to do for you. Note: Recursive NS can use its cache for getting you a response without actual queries, based on TTL for the record (and of course if you set the recursion bit (-:

Upvotes: 3

Alnitak
Alnitak

Reputation: 339786

Only an authoritative server is supposed to include the NS records in the authority section of the response.

The Google 8.8.8.8 servers are not authoritative for google.com, and you asked them not to recurse, so they didn't.

This is an abnormal query that a real DNS client wouldn't send to them, so their response of "NO DATA / NO ERROR" (RCODE == 0, ANCOUNT == 0) is acceptable.

Upvotes: 1

Related Questions