Bug 1437

Summary: unbound not returning A/AAAA record on NS query
Product: unbound Reporter: rahul <rahulk7858>
Component: serverAssignee: unbound team <unbound-team>
Status: ASSIGNED ---    
Severity: enhancement CC: cathya, wouter
Priority: P5    
Version: unspecified   
Hardware: x86_64   
OS: other   

Description rahul 2017-09-08 07:18:43 CEST
"example.com NS sub.example.com.", "sub.example.com A"

when i query ns record , we dont get A record in additional section

# dig @ example.com ns
    ; <<>> DiG 9.10.3-P4 <<>> @ example.com ns
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29207
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
    ; EDNS: version: 0, flags:; udp: 4096
    ;example.com.		IN	NS
    example.com.	10	IN	NS	sub.example.com.
    ;; Query time: 21 msec
    ;; SERVER:
    ;; WHEN: Fri Aug 18 13:40:20 PDT 2017
    ;; MSG SIZE  rcvd: 80

actually we are using 5-6 year old code base. we have used unbound as a service so did changes regarding how we interact with unbound hence we cant update the code. Not sure if its working in latest or not.
Comment 1 Wouter Wijngaards 2017-09-19 11:02:56 CEST
Hi Rahul,

This is not part of the spec for DNS to return that record.  It is sometimes included.  But not always, the answer you see here is the minimal answer.  It is smaller and that is why.

If you want that A record, you can perform a lookup for sub.example.com. A.  And also sub.example.com. AAAA (if it is reachable over IPv6).

Unbound has a minimal-responses option (that you can try to turn off if it is turned on).  But unbound actually also gets this from the upstream data, that may deliver this answer in this manner.  They choose to enable minimal responses, and thus unbound has a minimal response for this query.

Best regards, Wouter