Strange results with dig command on localhost behind pfSense
- 
 Hi, my knowledge of DNS is limited. I noticed something earlier today when I had trouble reaching a webpage: Why is the "AUTHORITY: 1" part missing in the answers for this specific domain when doing queries on localhosts behind pfSense?
 With localhost directly connected (with public IP) or from the pfSense /exec.php page, every query got the "AUTHORITY: 1" part. If I restart the DNS forwarder in pfSense I get ONE answer with the "AUTHORITY: 1" part intact, then the rest looks as below:
 localhost OS X (behind pfSense):
 $ dig ofiltrerat.se
 ; <<>> DiG 9.4.3-P3 <<>> ofiltrerat.se
 ;; global options: printcmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61316
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
 ;; QUESTION SECTION:
 ;ofiltrerat.se. IN A
 ;; Query time: 19 msec
 ;; SERVER: 172.22.22.1#53(172.22.22.1)
 ;; WHEN: Tue Feb 9 16:02:59 2010
 ;; MSG SIZE rcvd: 31
 ------------------------------------------------------
 pfSense 2.0-BETA1 built on Fri Feb 5 18:02:48 EST 2010 (/exec.php)
 $ dig ofiltrerat.se
 ; <<>> DiG 9.6.1-P1 <<>> ofiltrerat.se
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2325
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
 ;; QUESTION SECTION:
 ;ofiltrerat.se. IN A
 ;; AUTHORITY SECTION:
 ofiltrerat.se. 672 IN SOA ns1.b-one.nu. hostmaster.b-one.net. 2004000000 10800 1800 1209600 900
 ;; Query time: 10 msec
 ;; SERVER: 195.54.122.204#53(195.54.122.204)
 ;; WHEN: Tue Feb 9 16:05:49 2010
 ;; MSG SIZE rcvd: 99
 And localhost again, now directly connected via public IP:
 $ dig ofiltrerat.se
 ; <<>> DiG 9.4.3-P3 <<>> ofiltrerat.se
 ;; global options: printcmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31123
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
 ;; QUESTION SECTION:
 ;ofiltrerat.se. IN A
 ;; AUTHORITY SECTION:
 ofiltrerat.se. 232 IN SOA ns1.b-one.nu. hostmaster.b-one.net. 2004000000 10800 1800 1209600 900
 ;; Query time: 17 msec
 ;; SERVER: 195.54.122.204#53(195.54.122.204)
 ;; WHEN: Tue Feb 9 16:47:48 2010
 ;; MSG SIZE rcvd: 99
 Update: I have done some reading about dnsmasq and...
 This is probably the right behaviour, and it is some kind of "feature" to only show the SOA record once...
- 
 Because sometimes you get responses from the OS local cache, which is not authoritative.
- 
 @ermal: "Because sometimes you get responses from the OS local cache, which is not authoritative."
 What I meant was that if I make 20 identical queries with dig to a DNS server I get the "AUTHORITY SECTION" with every answer. But now if I make the very same 20 queries to pfSense (dnsmasq) I only get the "AUTHORITY SECTION" on the first answer until a reload of the DNS forwarder service. May very well be a feature of dnsmasq… not local OS cache.
- 
 dnsmasq is caching the answer, as that is one of its primary purposes (to be a DNS cache). When you restart the DNS Forwarder, the cache is flushed. 
- 
 That's how it should work, just means it was returned from cache. 
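
Added example, not part of the thread: the two reply shapes from the dig output above, rebuilt as constructed DNS packets and told apart by the header counts that dig prints. The function names are this example's own, and the message id and TTL are sample values copied from the pfSense /exec.php output.

```python
import struct

def encode_name(name):
    """Encode a dotted name as uncompressed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_nodata(qname, msg_id, with_soa):
    """Constructed sample: NOERROR reply to an A query with no answer records."""
    flags = 0x8180  # qr rd ra, rcode NOERROR, as on dig's flags line
    header = struct.pack("!6H", msg_id, flags, 1, 0, 1 if with_soa else 0, 0)
    msg = header + encode_name(qname) + struct.pack("!2H", 1, 1)  # type A, class IN
    if with_soa:
        rdata = (encode_name("ns1.b-one.nu") + encode_name("hostmaster.b-one.net")
                 + struct.pack("!5I", 2004000000, 10800, 1800, 1209600, 900))
        # Owner name is a compression pointer to offset 12 (the question name).
        msg += b"\xc0\x0c" + struct.pack("!2HIH", 6, 1, 672, len(rdata)) + rdata
    return msg

def parse_header(msg):
    """Return the fields dig shows on its HEADER and flags lines."""
    msg_id, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {"id": msg_id, "qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
            "rcode": flags & 0x000F, "query": qd, "answer": an,
            "authority": ns, "additional": ar}

def classify(msg):
    """Label a reply by its counts; covers only the empty NOERROR case from the thread."""
    h = parse_header(msg)
    if not h["qr"] or h["rcode"] != 0 or h["answer"] != 0:
        return "not a NOERROR empty answer"
    if h["authority"] > 0:
        return "NODATA with SOA"      # AUTHORITY: 1, as seen from the upstream server
    return "NODATA without SOA"       # AUTHORITY: 0, as seen from the forwarder

if __name__ == "__main__":
    for soa in (True, False):
        m = build_nodata("ofiltrerat.se", 2325, soa)
        print(len(m), classify(m), parse_header(m))
```

The constructed packets come out at 99 and 31 bytes, the same sizes dig reported as MSG SIZE rcvd, so the 68-byte difference is exactly the SOA record.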
