[dns-operations] RCODE for bogon answers
Florian Weimer
fw at deneb.enyo.de
Fri Oct 12 09:26:31 UTC 2007
* Jo Rhett:
> On Oct 11, 2007, at 10:06 AM, Florian Weimer wrote:
>>> Then would the best practice be to return the equivilent of NXDOMAIN
>>> for things blocked by name server policy?
>>
>> This is a bit rude in the case someone mistakenly points one of their
>> NSes to your server.
>
> Isn't your case even ruder than what he proposed?
Depends on the intent of those who add the broken delegations.
> It's awful rude to send NS traffic to an unknowing nameserver without
> having arranged for service in advance.
Indeed. But if the default is to send NXDOMAIN, chaos ensues when you
mistakenly remove a zone for which you are secondary.
NXDOMAIN is the uncooperative answer. But I tend to agree that there
can be reasons to be uncooperative. I'm just not sure if it's the
correct default.
More information about the dns-operations
mailing list