[dns-operations] Reporting glue as authoritive data -- Bug!

Mark Andrews Mark_Andrews at isc.org
Tue Jan 29 20:57:04 UTC 2008 

> At 17:59 +0100 1/29/08, Peter Koch wrote:
> 
> >This makes me believe that there are other options than considering the glue
> >pot part of the cache.
> 
> Yeah, the point is that you can interpret what's in 1034 too many 
> different ways to say one has to be or the other.  Strident claims 
> can be said that "glue is glue" and that would seem to be wise, but 
> people actually running the name servers out there had reasons to go 
> with glue as if it was cache.

	BIND 4 and 8 did it because there was only one data store and
	it was a compromise.  We realised it was WRONG and it was one
	of the things we fixed when we did the re-design for BIND 9.

> My preference, given the choice between an running system and a 
> compliant system, is to go with the one that runs.  The world wasn't 
> built to conform to a specification.

	The world runs without it.  There are lots of zones including
	TLD's that cope.

> >while at the same time we'd all hope said greedy resolver would have gone
> >sooner than later.
> 
>  From what I've been learning, it's more than one resolver.  What 
> happened in history is that one implementation got it wrong, a second 
> implementation was then coerced into bug-for-bug compatibility, and 
> then another and so on, so that the bug was repli-engineered into 
> many places.  Eventually, the bug became the law of the land.

	I think it is time to name the resolver(s) if you really
	want to try to ram through this bad engineering decision.
	If a resolver don't follow glue it is broken and there are
	lots of places where it will fail to resolve names.

	I fail to see how you need to be bug for bug compatible
	with a resolver.

> It's not the first time nor the last this has happened.
> -- 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Edward Lewis                                                +1-571-434-5468
> NeuStar
> 
> Think glocally.  Act confused.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.oarci.net
> http://lists.oarci.net/mailman/listinfo/dns-operations
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the dns-operations mailing list