I see in the man page, there is EAI_NODATA
. Does that refer to the case above where there are no addresses found? Meaning getaddrinfo
returns 0 implies at least one address was found?
CodePudding user response:
TL;DR: Yes. Because of how the DNS work (see below), not specific to getaddrinfo
(other API will have the same case to handle).
Irrespective to the details of the implementation of getaddrinfo
(if addrinfo
is NULL or points to an empty array), the case of "no error no data" is totally legit in DNS.
A DNS reply with no data is not a failure. You are just asking for something that doesn't exist and you get a reply (so it is different from a timeout or getting an error code from the DNS server) that just states "no data".
No data by itself is not a DNS error code. The code is "NOERROR". But what is considered as NODATA pseudo "error" code is "NOERROR" error code no data in answer, ie empty ANSWER
section in the DNS message received (a DNS message can have 4 sections: ANSWER
, AUTHORITY
, ADDITIONAL
besides the QUESTION
section). It typically happens when you request a name that exists but a record type that does not for this name.
For example:
$ dig stackoverflow.com NAPTR @9.9.9.9
; <<>> DiG 9.18.4 <<>> stackoverflow.com NAPTR @9.9.9.9
;; global options: cmd
;; Sending:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24069
;; flags: rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 9e283a63fe8c4183
;; QUESTION SECTION:
;stackoverflow.com. IN NAPTR
;; QUERY SIZE: 58
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24069
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;stackoverflow.com. IN NAPTR
;; AUTHORITY SECTION:
stackoverflow.com. 15m IN SOA ns-1033.awsdns-01.org. awsdns-hostmaster.amazon.com. (
1 ; serial
7200 ; refresh (2 hours)
900 ; retry (15 minutes)
1209600 ; expire (2 weeks)
86400 ; minimum (1 day)
)
;; Query time: 46 msec
;; SERVER: 9.9.9.9#53(9.9.9.9) (UDP)
;; WHEN: Tue Jul 05 10:50:06 EST 2022
;; MSG SIZE rcvd: 128
(NAPTR
is a rarely used record type)
You can see:
NOERROR
error code: the answer is ok- but no
ANSWER
section at all, meaning this couple of name record type does not exist; it is fine, a "not exists" is not an error (same in SQL: if you query a table for some rows, and you get 0 rows back, it is not an error, you just get an empty set as result).
Compare that with when you try on a name that does not exist at all:
$ dig doesnotexist.stackoverflow.com AAAA @9.9.9.9
; <<>> DiG 9.18.4 <<>> doesnotexist.stackoverflow.com AAAA @9.9.9.9
;; global options: cmd
;; Sending:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9367
;; flags: rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: e1efbfee7fd15032
;; QUESTION SECTION:
;doesnotexist.stackoverflow.com. IN AAAA
;; QUERY SIZE: 71
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9367
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;doesnotexist.stackoverflow.com. IN AAAA
;; AUTHORITY SECTION:
stackoverflow.com. 15m IN SOA ns-1033.awsdns-01.org. awsdns-hostmaster.amazon.com. (
1 ; serial
7200 ; refresh (2 hours)
900 ; retry (15 minutes)
1209600 ; expire (2 weeks)
86400 ; minimum (1 day)
)
;; Query time: 56 msec
;; SERVER: 9.9.9.9#53(9.9.9.9) (UDP)
;; WHEN: Tue Jul 05 10:44:40 EST 2022
;; MSG SIZE rcvd: 141
Completely different here: yes there is no ANSWER
section at all, but what is important is that the error code is NXDOMAIN
which means "the name you query does not exist" (hence does not exist for any record type you might want to try).
You will get "nodata" cases too for ENT or Empty Non Terminals: the name may not exist (no record types defined at that name level), but names below do exist. In cases like that, a nameserver can not reply NXDOMAIN
because receiving NXDOMAIN
on a name means all names "below" do not exist as well (see RFC 8020 "NXDOMAIN: There Really Is Nothing Underneath")