[dns-operations] Reporting glue as authoritive data -- Bug!
Mark Andrews
Mark_Andrews at isc.org
Mon Jan 28 09:45:35 UTC 2008
>
> --LQksG6bCIzRHxTLp
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
>
> On Fri, Jan 25, 2008 at 01:51:52PM -0500,
> Matt Larson <mlarson at verisign.com> wrote
> a message of 11 lines which said:
>
> > > BIND9 does what the RFC says,
> >
> > Chapter and verse, please.
>
> IMHO, this is RFC 1034, section 4.3.2. It says "If a match would take
> us out of the authoritative data, we have a referral. [...] Put
Glue is not authoritative data. NS records at the bottom
of zone are not autoritative data. RFC 1034 and RFC 1035
are internally consistant about this.
> whatever addresses are available into the additional section, using
> glue RRs if the addresses are not available from authoritative data or
> the cache." In the example given ('dig @f.gtld-servers.net A
> ns1.crsnic.net.') we are "out of the authoritative data".
>
> I agree that RFC 1034, 3.7 says "Answer [section] Carries RRs which
> directly answer the query." introduces ambiguity since, in the example
> given, the A record directly answers a query.
A parent doesn't have *answers* which directly answer the question
unless they exist in the cache.
> Work for the IETF "DNS extensions" working group, which is currently
> busy on a "profile" RFC? (See the attached message.)
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the dns-operations
mailing list