Zone cut NS RRs returned as authoritative records
SivaKesava1 opened this issue · comments
Siva Kesava R Kakarla commented
Hi again,
Similar to #1272, the issue exists with child NS records also. Consider the same zone file,
example.com. | 60480 | SOA | ns1.outside.com. root.example.com. 3 604800 86400 2419200 604800 |
example.com. | 60480 | NS | ns1.outside.com. |
b.g.example.com. | 60480 | NS | n.b.g.example.com. |
n.b.g.example.com. | 60480 | A | 1.1.1.1 |
For the query <b.g.example.com. , NS>, the TrustDns server returns the following response:
"rcode NOERROR",
"flags QR AA",
";QUESTION",
"b.g.example.com. IN NS",
";ANSWER",
"b.g.example.com. 60480 IN NS n.b.g.example.com.",
";AUTHORITY",
"example.com. 60480 IN NS ns1.outside.edu.",
";ADDITIONAL",
"n.b.g.example.com. 60480 IN A 1.1.1.1"
Expected behavior
The AA bit is set in the response, which should not be as this is a child NS record, and the parent is not authoritative of the record. The server should return an empty answer but place <b.g.example.com, NS>
in the authority section and the glue record in the additional section as per RFC 6672, Section 3.2, Point 3B. The <example.com, NS>
is generally not returned.
System:
- OS: Ubuntu
- Architecture: x86_64
- Version: 18
- rustc version: cargo 1.47.0