Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

how to tell if a server is authoritative?

3 views
Skip to first unread message

Kevin Darcy

unread,
Mar 23, 2001, 4:52:51 PM3/23/01
to

Doug Kite wrote:

> How can you tell if a server is authoritative for a domain or not using dig?
>
> The best way I can figure is that if you ask it for the same domain twice,
> and it comes back with an "aa" flag BOTH times then it must be set up as
> authoritative for that domain, because it is not caching the answer it is
> giving you.
>
> Is there a better way, or is this thinking correct?

That's the way I usually use, however, it might not work with low TTL values,
e.g. 0.

A more reliable way would be to attempt a query of a type that *cannot* be
recursed, like an AXFR query. Note that RCODE=REFUSED in the response to an
AXFR request is ambiguous -- it could mean *either* that the zone transfer was
refused because of an allow-transfer restriction *or* that the server is
non-authoritative for the zone. But the AA bit should be reliable regardless.


- Kevin


0 new messages