Windows DNS resolver API and zone transfers
Hi all
Not sure if this question belongs here or if there's a better forum to ask it; if that's the case, please direct me to the correct forums.
Now, about my request: I've been playing with the Windows DNS resolver API (dnsapi.dll) and I've written some vanilla "C" code to explore it (the "windns.h" contains all the needed stuff) and got quite a good grip on the whole API; however, I'm still facing a problem and maybe someone will be able to give me a definitive answer.
I use the "DnsQuery()" API call to run DNS queries using the Windows resolver library and, as I wrote, it works just fine; the problem is that it doesn't seem to properly handle "zone transfer" requests. All other query types work without a glitch, but if I try to call the function using either "DNS_TYPE_AXFR" or "DNS_TYPE_IXFR" to transfer a full zone (note: the queried DNS *allows* zone transfers, so that isn't the issue), the API accepts the request (the constants are defined in the windns header file) and processes it, but then the result is just the SOA record for the zone; there's NO other record.
I already tried debugging the code, to no luck; all I can say is that I tried sniffing the traffic and, in effect, the Windows DNS resolver sends out the DNS zone transfer request to the target server and the server DOES send back the whole zone contents in reply, but then, as I wrote, it sounds like the resolver discards everything, just keeping the SOA record.
My suspicion is that, since the RFC states that a zone transfer should start with the SOA record and a second copy of the SOA record should be transmitted at the end of the zone data, the Windows resolver may be wiping the data as soon as it sees this second SOA record; in such a case, the issue I'm facing may be caused by a bug (or be "by design" :D) so... I will live with it (given it won't be fixed, by the way) but... I'd really like to understand the reason for this strange behaviour or if there is some way to make the AXFR/IXFR calls to DnsQuery() work as they should.
September 29th, 2011 7:08am
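The SOA bracketing described in the post above, as an added example that is not part of the original thread and is not code from dnsapi.dll: a standalone walker for an AXFR reply stream over TCP, where each DNS message carries a 2-byte length prefix and the zone is complete only when a second SOA arrives, possibly in a later message. The names `axfr_walk`, `skip_name` and `SAMPLE` are hypothetical, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: zone "a." as two TCP-framed messages (SOA, A | SOA). */
static const uint8_t SAMPLE[120] = {
    [1] = 69, 0,1, 0x84,0, 0,1, 0,2,            /* msg 1: length, header QD=1 AN=2 */
    [14] = 1,'a',0, 0,252, 0,1,                 /* question: a. AXFR IN */
    [21] = 0xC0,12, 0,6, 0,1, [32] = 22,        /* opening SOA, 22-byte RDATA left zero */
    [55] = 0xC0,12, 0,1, 0,1, [66] = 4, 192,0,2,1,  /* A 192.0.2.1 */
    [72] = 47, 0,1, 0x84,0, 0,0, 0,1,           /* msg 2: length, header QD=0 AN=1 */
    [85] = 1,'a',0, 0,6, 0,1, [97] = 22 };      /* closing SOA */

/* Return the offset just past the (possibly compressed) name at p. */
static size_t skip_name(const uint8_t *m, size_t len, size_t p) {
    while (p < len) {
        if (m[p] == 0) return p + 1;              /* root label ends the name */
        if ((m[p] & 0xC0) == 0xC0) return p + 2;  /* compression pointer ends it */
        p += 1 + m[p];                            /* ordinary label */
    }
    return len + 1;                               /* malformed: ran off the end */
}

/* Walk an AXFR stream of 2-byte-length-prefixed DNS messages. Returns the
 * number of records between the opening and closing SOA, or -1 if the
 * stream is malformed or ends before the closing SOA arrives. */
int axfr_walk(const uint8_t *s, size_t n) {
    int soa_seen = 0, records = 0;
    for (size_t off = 0; off + 2 <= n; ) {
        size_t mlen = (size_t)s[off] << 8 | s[off + 1], p = 12;
        const uint8_t *m = s + off + 2;
        if (mlen < 12 || off + 2 + mlen > n) return -1;
        unsigned qd = m[4] << 8 | m[5], an = m[6] << 8 | m[7];
        while (qd--) p = skip_name(m, mlen, p) + 4;       /* skip QTYPE + QCLASS */
        while (an--) {
            p = skip_name(m, mlen, p);
            if (p + 10 > mlen) return -1;
            unsigned type = m[p] << 8 | m[p + 1];
            size_t rdlen = (size_t)m[p + 8] << 8 | m[p + 9];
            p += 10 + rdlen;                              /* fixed fields + RDATA */
            if (p > mlen) return -1;
            if (type != 6) { if (!soa_seen) return -1; records++; }  /* must open with SOA */
            else if (soa_seen++) return records;          /* second SOA closes the zone */
        }
        off += 2 + mlen;
    }
    return -1;   /* stream ended without the closing SOA */
}

int main(void) { printf("%d\n", axfr_walk(SAMPLE, sizeof SAMPLE)); return 0; }
```

Stopping after the first message (71 bytes of the sample) yields -1: the opening SOA alone does not mark a finished transfer, and the records only count once the closing SOA is reached.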
Just to add some more info: I retried issuing a "DnsQuery(AXFR)" call while sniffing the network traffic and the behaviour is exactly as reported above; the Windows resolver library sends out the query to the target DNS server, the latter sends back the zone data, but then the query results reported after the API call only contain a single record, and this record is the SOA one. At this point, either I'll need to specify some kind of "undocumented" flag when issuing the query or the resolver library has a bug causing it to wipe the results list as soon as it receives a second copy of the SOA record; this, by the way, may also be considered a "vulnerability".
September 29th, 2011 10:56am
Hi ObiWan,
Thanks for posting here.
I think this question should be posted to, and get a professional response from, the MSDN forum:
http://msdn.microsoft.com/en-us/windowsserver/ff727938
Thanks.
Tiger Li
October 4th, 2011 3:38am
Hi ObiWan,
Thanks for posting here.
I think this question should be posted to, and get a professional response from, the MSDN forum:
http://msdn.microsoft.com/en-us/windowsserver/ff727938
Hi Tiger, thanks for getting back to me and thanks for directing me to the MSDN forums; as I wrote, I was unsure if this was the right forum since the issue is a "two sided" one, that is, it involves both Windows networking and (for some) Windows development.
Anyhow, I'll try reposting my question on the MSDN forums, thanks again!
[Edit]
Ok, reposted the question here (hope that's the right forum)
October 4th, 2011 4:11am


