
Re: How to find initiating host address?



    Date:        Sat, 18 Sep 1999 15:03:56 +0900
    From:        "@|?lAw" <chun@comeng.chungnam.ac.kr>
    Message-ID:  <37E32B4C.EA56A8D5@comeng.chungnam.ac.kr>

  | Is it correct?

That's a reasonable description of a possible scenario, yes.

  | Then, the lastNS has no clue on which host initially generated the query.

That's right.   Of course, it is also possible that lastNS never actually
gets the query, one of the other NS2... in the chain might have known it
and returned it - which in a sense makes it the lastNS for this query, but
it isn't the lastNS you had in mind (not one who would have any special
knowledge of the answer that is being returned or any motivation for
playing with it).

  | Is there any method for the lastNS to find out what is the host that
  | initiated the query?

No.

  | This may be useful to reply differently according to the initiator.

That must never be done.   DNS information is cached and passed around all
over the place.   There's no way to confine this kind of information.  The
only way to have different hosts see different DNS responses is to have them
in totally separate DNS worlds, where all possibility of information
leakage is very carefully guarded against.

  | IMHO, a field, "initiator" or something, may be inserted in DNS query,
  | and this field must be copied to recursive queries.

No, that can't work, caching means that information is given out by
any random DNS server on the internet.

Eg: in your example, when firstNS does the lookup for client A, it
remembers the answer it received.   When some other client (which might
or might not be in any way related to A) does a lookup, firstNS just
returns the answer it obtained before (assuming the second query is
within the time to live of the answer when it was obtained initially).

The whole DNS is designed around the philosophy of there being one common
set of data that is equally available to all who ask.   Changing this is
no simple thing to achieve.

kre
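
Added example (not part of the original message or of any DNS implementation): a small Python simulation of the firstNS/lastNS scenario discussed above, showing that lastNS only ever sees the resolver's address and that a cached answer is handed to an unrelated client within the TTL. The class names, addresses, TTL and the per-source answer policy are constructed for illustration.

```python
# Constructed simulation; AuthServer, CachingResolver and all addresses are hypothetical.
class AuthServer:
    """Plays lastNS: it sees only the address of whoever sent it the query."""
    def __init__(self, ttl=300):
        self.ttl = ttl
        self.seen_sources = []

    def query(self, source_addr, name):
        self.seen_sources.append(source_addr)
        # The policy the thread warns against: the answer depends on who asked.
        favoured = source_addr.startswith("198.51.100.")
        return ("192.0.2.10" if favoured else "192.0.2.20"), self.ttl


class CachingResolver:
    """Plays firstNS: recurses on behalf of clients and caches what it learns."""
    def __init__(self, addr, upstream):
        self.addr = addr
        self.upstream = upstream
        self.cache = {}  # name -> (answer, expiry time)

    def resolve(self, client_addr, name, now):
        hit = self.cache.get(name)
        if hit and now < hit[1]:
            return hit[0]  # served from cache; lastNS is never contacted
        # The upstream query comes from the resolver's own address;
        # client_addr is not carried anywhere in it.
        answer, ttl = self.upstream.query(self.addr, name)
        self.cache[name] = (answer, now + ttl)
        return answer


def run_demo():
    last_ns = AuthServer(ttl=300)
    first_ns = CachingResolver("203.0.113.53", last_ns)
    # Client A is in the range lastNS wanted to favour, but lastNS cannot tell.
    a = first_ns.resolve("198.51.100.7", "www.example.com", now=0)
    # Unrelated client B asks inside the TTL and gets A's cached answer.
    b = first_ns.resolve("203.0.113.99", "www.example.com", now=120)
    # After the TTL expires the resolver asks again, still from its own address.
    c = first_ns.resolve("203.0.113.99", "www.example.com", now=301)
    return a, b, c, last_ns.seen_sources


if __name__ == "__main__":
    print(run_demo())
```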