[dns-operations] Reporting glue as authoritive data -- Bug!

Mark Andrews Mark_Andrews at isc.org
Tue Jan 29 22:47:23 UTC 2008 

> * Edward Lewis wrote:
> > Documenting these responses would be the responsible thing to do.  No 
> > one has taken this on.  I don't see the harm in legitimizing them, 
> > whatever that means.  Perhaps once we rid the network of broken 
> > resolvers we don't need to see these responses.  But since when has 
> > the Internet relied on an attitude that every one has to march to the 
> > same beat?  Whatever happened to "be liberal in what you accept?"
> 
> I have the problem in the other direction. The response of glue as
> legitimate answers is not accepted by my resolver (DNSSEC validation on).
> The reason to ask here is a report from a friend who's resolver assumed the
> answer to complete and therefore was unable to resolve his own domain.
> 
> So I have to choose to make the new implementation bugward compatible or not.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.oarci.net
> http://lists.oarci.net/mailman/listinfo/dns-operations

	Diversity in answers is bad for the resolver as they have
	to deal with all the undocumented crud that gets sent at
	them.
	
	We already have to have a workaround to deal with this
	"referral in answer".  Yes, BIND 8 produced this crud
	as well.

; <<>> DiG 9.3.4-P1 <<>> ns uu.net +norec @a.gtld-servers.net
; (2 servers found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30839
;; flags: qr; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4

;; QUESTION SECTION:
;uu.net.				IN	NS

;; ANSWER SECTION:
uu.net.			172800	IN	NS	auth00.ns.uu.net.
uu.net.			172800	IN	NS	auth200.ns.uu.net.
uu.net.			172800	IN	NS	auth210.ns.uu.net.
uu.net.			172800	IN	NS	auth60.ns.uu.net.

;; ADDITIONAL SECTION:
auth00.ns.uu.net.	172800	IN	A	198.6.1.65
auth200.ns.uu.net.	172800	IN	A	195.129.12.82
auth210.ns.uu.net.	172800	IN	A	195.129.12.74
auth60.ns.uu.net.	172800	IN	A	198.6.1.181

;; Query time: 283 msec
;; SERVER: 2001:503:a83e::2:30#53(2001:503:a83e::2:30)
;; WHEN: Wed Jan 30 09:37:03 2008
;; MSG SIZE  rcvd: 177

	I'm sure if I look hard enough I'll find a glue in answer
	without glue in additional as well.

	Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the dns-operations mailing list