[dns-operations] Change to BIND minimal-responses config option
Wessels, Duane
dwessels at verisign.com
Fri Apr 21 20:44:52 UTC 2017
Hi Mukund,
Thanks for the heads-up.
I wonder how well we understand the consequences that minimal-responses has on cached NS records? If my authoritative servers for a second-level domain like example.com uses minimal-responses, then will a recursive cache ever receive the NS RRset from the authoritative servers? Or will it only have the RRset from the parent (com), which might also have different TTLs?
DW
> On Apr 20, 2017, at 8:59 PM, Mukund Sivaraman <muks at isc.org> wrote:
>
> Hi all
>
> So far, the BIND "minimal-responses" config option was set to false in
> default config. We are changing this to true in 9.12.
>
> Currently the BIND ARM describes it so:
>
> minimal-responses:
>
> If yes, then when generating responses the server will only add
> records to the authority and additional data sections when they are
> required (e.g. delegations, negative responses). This may improve
> the performance of the server. The default is no.
>
> It'll still be possible to set it to false via config in 9.12.
>
> As described, delegations, glue, and negative responses are unaffected,
> as it is with BIND <= 9.11 with explicit "minimal-responses yes".
>
> We're seeking feedback on whether the change will impact anyone.
>
> Mukund
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
More information about the dns-operations
mailing list