Maintained by: NLnet Labs

[Unbound-users] Strange result from Unbound cache

lst_hoe02 at kwsoft.de
Fri Nov 26 10:40:28 CET 2010


Zitat von Hauke Lampe <lampe at hauke-lampe.de>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 25.11.2010 21:02, lst_hoe02 at kwsoft.de wrote:
>
>>>> $ dig -b 193.27.54.7 @213.150.41.253 c.ns.secunia.com. +short
>>>> 91.198.117.1
>>>> 91.198.117.1
>>
>> Yes, but i'm a little bit baffled that identical records are returned.
>> Does unbound cache it this way or are the records subtil different?
>
> Unbound just returns what the authoritative nameserver sent.
>
> Duplicate A records like this are often produced by djbdns' tinydns-data
> tool when its built-in shortcuts are used, e.g. multiple "&" records
> with address, which generate NS + A records.
>
> &example.org:127.0.0.1:ns1.example.org.:86400
> &example.com:127.0.0.1:ns1.example.org.:86400
> &example.net:127.0.0.1:ns1.example.org.:86400
>
> would produce 1 NS record for example.{org,com,net} each and 3 A records
> for ns1.example.org.
>
>> Bind 9.7 only provide only one record for the same query.
>
> BIND removes duplicate nameserver addresses from responses, it seems.

It is not limited to the nameserver record case because query A record  
for d.ns.secunia.com deliver also two identical results. I guess Bind  
only deliver one result because the cache detects that the results are  
identical and stores only one instance, or maybe it isn't able to  
store two identical results in the cache anyway.

As it does not hurt i will simply ignore it further on.

Thanks for your input

Andreas