[dns-operations] Change to BIND minimal-responses config option

Tony Finch dot at dotat.at
Fri Apr 21 09:22:08 UTC 2017


Mukund Sivaraman <muks at isc.org> wrote:
>
> So far, the BIND "minimal-responses" config option was set to false in
> default config. We are changing this to true in 9.12.

[snip]

> We're seeking feedback on whether the change will impact anyone.

I wrote about the usefulness of additional data on the BIND users list in
September - https://lists.isc.org/pipermail/bind-users/2016-September/097710.html

The summary being that owing to RFC 2181 trustworthiness ranking and
related carefulness, BIND's resolver doesn't get much benefit from
additional data, even when in theory it could.

Mark said that fixing this is on his todo list. But turning on minimal-any
by default would make this fix pointless.

Perhaps there's a good intermediate setting, where the server returns
additional data related to records in the answer section (MX and SRV
targets, etc.) but avoids populating the authority section.

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Lundy, Fastnet: Variable 3 or 4. Smooth or slight, occasionally moderate in
southwest Fastnet. Fair. Good.



More information about the dns-operations mailing list