[dns-operations] RFC7816 - do not remove
Stephane Bortzmeyer
bortzmeyer at nic.fr
Mon Dec 18 10:13:50 UTC 2017
On Mon, Dec 18, 2017 at 09:47:38AM +0100,
Florian Weimer <fweimer at redhat.com> wrote
a message of 17 lines which said:
> With RFC 7816, the name is actually queried, the response would be
> cached, and the subtree beneath it could be pruned if the response
> is NXDOMAIN?
If the resolver also implements RFC 8020, yes.
Amazon's workaround is just a workaround but, at least, it fixes the
problem.
% dig NS elb.amazonaws.com
; <<>> DiG 9.10.3-P4-Debian <<>> NS elb.amazonaws.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27386
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;elb.amazonaws.com. IN NS
;; AUTHORITY SECTION:
amazonaws.com. 3593 IN SOA dns-external-master.amazon.com. hostmaster.amazon.com. (
2012708585 ; serial
180 ; refresh (3 minutes)
60 ; retry (1 minute)
2592000 ; expire (4 weeks 2 days)
3593 ; minimum (59 minutes 53 seconds)
)
;; Query time: 16 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 18 11:13:37 CET 2017
;; MSG SIZE rcvd: 120
More information about the dns-operations
mailing list