[dns-operations] RFC 6604 clarification

Kumar Ashutosh Kumar.Ashutosh at microsoft.com
Tue Mar 31 11:11:49 UTC 2015


As per RFC 6604, section 3
      When an xNAME chain is followed, all but the last query cycle
      necessarily had no error.  The RCODE in the ultimate DNS response
      MUST BE set based on the final query cycle leading to that
      response.  If the xNAME chain was terminated by an error, it will
      be that error code.  If the xNAME chain terminated without error,
              it will be zero.

This is a little vague on two accounts:

1. What would be the error code if the server decides to curtail the CNAME chain after a certain length (say 20). Is it still success or do we indicate in some other way.

2. If the CNAME chain points to a Qname for which the auth server is non-authoritative (and recursion is disabled on the auth server.) The server in this case cannot get the response. A direct query for this Qname will result in SERV_FAIL. Should the auth server return SERV_FAIL in this case? Will resolvers respect answers with SERV_FAIL in RCODE and cache the partial response?

[ I have asked the same in IETF groups as well ]

Program Manager | Windows Networking| DNS & SDN

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20150331/8721b0a5/attachment.html>

More information about the dns-operations mailing list