[dns-operations] NS records in Authority for NOERROR responses
Jan Včelák
jan.vcelak at nic.cz
Fri Sep 4 07:49:03 UTC 2015
Mark Andrews wrote:
> Returning NS records also helps when the parent servers also serve
> the child zone and the two sets of servers differ. Without NS
> records being returned you would never ask any server but the parent
> servers.
I agree. But again, this applies to insecure zones. With DNSSEC, you
would find out easily that there is a zone cut.
Robert Edmonds wrote:
> Maybe you have to keep a BIND server around alongside your Knot fleet
> in case you want to retain this capability ;-)
Evidently, there are use cases for the NS inclusion. We will reconsider
and might add a compile time or a run time option. Just wait for a while
before installing BIND... ;-)
Best regards,
Jan
More information about the dns-operations
mailing list