[dns-operations] DNS error reporting

wbrown at e1b.org wbrown at e1b.org
Wed Feb 17 14:07:09 UTC 2016

From: Shane Kerr <shane at time-travellers.org>

> Petr Spacek <pspacek at redhat.com> wrote:
> > Maybe we can send the error back only when client is connected 
> over TCP or is
> > using DNS cookies.
> This seems reasonable to me, but will it be interpreted as reasonable
> by resolver operators and client developers?

Perhaps return a short message (about the size of the query) for any error 
to prevent DOS.  A full error message could be returned to "validated 
query source" identified by TCP connection or DNS cookies.

Confidentiality Notice: 
This electronic message and any attachments may contain confidential or 
privileged information, and is intended only for the individual or entity 
identified above as the addressee. If you are not the addressee (or the 
employee or agent responsible to deliver it to the addressee), or if this 
message has been addressed to you in error, you are hereby notified that 
you may not copy, forward, disclose or use any part of this message or any 
attachments. Please notify the sender immediately by return e-mail or 
telephone and delete this message from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160217/44a96e6c/attachment.html>

More information about the dns-operations mailing list