On Tue, Feb 15, 2011 at 04:53:40PM +0100, Paweł Piątkowski wrote:
> On 15.02.2011 16:02, William Ahern wrote:
> >On Tue, Feb 15, 2011 at 01:36:20PM +0100, Pawe?? Pi??tkowski wrote:
> >>On 15.02.2011 11:36, William Ahern wrote:
> >>>>Can I handle NS response manually somehow? I see there is
> >>>>ares_parse_ns_reply(). Are there any examples on how to use it?
> >>>
> >>>I don't think it's possible to implement a recursive resolver using c-ares.
> >>>You can't control the fields in the query packets, nor the destination.
> >>
> >>Sure, but if I could parse NS reply and get addresses of suggested DNS
> >>servers then I could send another request to them and repeat this
> >>behavior until I get A reply.
> >
> >The problem is that you're relying on a local server which is not configured
> >properly; whatever you manage to hack together using c-ares alone might not
> >work anywhere else.
>
> I was getting this behavior with root servers. My local nameserver
> is recursive but I see your point.
>
> I assumed that regular DNS servers can work in both modes (recursive
> and non-recursive) and it was clients responsibility to make sure it
> handles NS replies and finally gets the IP.
>
> If I understand you correctly I can safely assume that a properly
> configured nameserver will not give me a NS reply.
Depends on what you call a "nameserver". If it is a recursive resolver,
its task (by definition) is to either give you an NXDOMAIN or provide you
with the correct answer after *it* has followed the delegation chain from
the root servers down. If it is an authoritative nameserver, then its task
(by definition) is to either give you the correct record - if it is in one
of the zones it is authoritative for, or give you a delegation to another
nameserver that is authoritative for a "sub-zone", or give you an NXDOMAIN
and (usually, by convention, not obliged to do it) a delegation to the root
servers so that you know that something's wrong and you're asking the wrong
server.
cares is only supposed to be used to communicate ith recursive resolvers,
so you can safely assume that a properly configured resolver will either
give you the correct answer or an NXDOMAIN, but not a delegation to another
nameserver.
G'luck,
Peter
-- Peter Pentchev roam_at_ringlet.net roam_at_FreeBSD.org peter_at_packetscale.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 If the meanings of 'true' and 'false' were switched, then this sentence wouldn't be false.