0

ISC BIND has a tool named dig that allows us to send a DNS request to a DNS server set on parameter and see what that server answers.

I wanted to know if that DNS server answered based on its cache, on its zones, or if it forwarded the request. And, if it was forwarded, where it forwarded to.

Is there any way to get this information?

Hikari
  • 107
  • 3
  • 12

1 Answers1

1

No, there is not.

Specifically because the remote nameserver you are querying may be an authoritative one (then your request is either rejected or served with content the nameserver has locally as it is authoritative) or a recursive one (then your request could be immediately fulfilled by content of the cache or the recursive nameserver would need to do one or more iterative queries to find out the result you asked for). And before having the reply you have no way to know if the given nameserver is authoritative or recursive, for your specific request.

But why do not need to have this information?

The only remedy is to run your own recursive nameserver and let it do the iterative queries to authoritative nameservers. You can then control its cache per your liking. You already mention dnsmasq in your tags, so you know the direction to follow.

Patrick Mevzek
  • 9,273
  • 7
  • 29
  • 42
  • Thanks for the explanation. Indeed I don't hope to have this information from standard DNS query protocol. I need this information because I have 3 DNS servers on my LAN, and would like to know if they are forwarding correctly and if those I expect to resolve specific names are indeed the ones doing it. Pihole uses dnsmasq and it has reports with quantity and % of queries by type and by who answered it. It's able to know if a query was answered by dnsmasq's cache, if it was blocked or if it was fowareded and to whom. I'm looking for a way to have thes info from other servers. – Hikari Sep 12 '19 at 19:57
  • 1
    You can always analyze the logfiles, but I was not understanding that you control the nameserver being queried. This gives you information after the fact. – Patrick Mevzek Sep 12 '19 at 20:01
  • hmm good idea I'll try what log files could tell me – Hikari Sep 13 '19 at 00:03