Unexpected exception returned from cmdlet Resolve-DNSName

Question

When querying a root name server directly, in some instances, the Resolve-DNS cmdlet does not return to the console the responses it received, and instead returns an exception. A reproducible example is as follows:

Root name server used in this example: e.root-servers.net 192.203.230.10

Example query to ask for name servers which are authoritative for the root zone. This returns NS (and A) results as expected:

$ Resolve-DnsName -Server 192.203.230.10 -Type NS -NoRecursion -Name .

Name Type TTL Section NameHost

---

. NS 518400 Answer m.root-servers.net
. NS 518400 Answer b.root-servers.net
. NS 518400 Answer c.root-servers.net
. NS 518400 Answer d.root-servers.net
. NS 518400 Answer e.root-servers.net
. NS 518400 Answer f.root-servers.net
. NS 518400 Answer g.root-servers.net
. NS 518400 Answer h.root-servers.net
. NS 518400 Answer i.root-servers.net
. NS 518400 Answer a.root-servers.net
. NS 518400 Answer j.root-servers.net
. NS 518400 Answer k.root-servers.net
. NS 518400 Answer l.root-servers.net
etc...

Example query to ask for name servers which are authoritative for the top level 'com' zone. This returns an exception:

$ Resolve-DnsName -Server 192.203.230.10 -Type NS -NoRecursion -Name com.

Resolve-DnsName : com. : DNS query request is pending
-or-
Resolve-DnsName : com. : DNS server failure

There are two reasons why the exceptions above do not seem logical:

1. A packet trace of the query reveals that the root name server DOES respond with a list of auth name servers and glue records for the 'com' zone. These should be returned to the console application.
2. An identical query, when issued via NSLOOKUP returns the results as expected, as shown (truncated) here:

nslookup -norecurse -type=NS com. 192.203.230.10

Server: UnKnown
Address: 192.203.230.10

com nameserver = l.gtld-servers.net
com nameserver = b.gtld-servers.net
com nameserver = c.gtld-servers.net
com nameserver = d.gtld-servers.net
com nameserver = e.gtld-servers.net
com nameserver = f.gtld-servers.net
com nameserver = g.gtld-servers.net
com nameserver = a.gtld-servers.net
com nameserver = h.gtld-servers.net
com nameserver = i.gtld-servers.net
com nameserver = j.gtld-servers.net
com nameserver = k.gtld-servers.net
com nameserver = m.gtld-servers.net
etc...

There is no observable difference if the '-NoRecursion' parameter is included or not.

Can anyone explain this odd behaviour?

Thanks,
DaveC

Answer 1

NOTE

At some point in the past year this behaviour appears to have been fixed :)

-DC