[dns-operations] 答复: 答复: DNS forwarder behavior on response with cname
Dave Lawrence
tale at dd.org
Fri Jan 4 04:02:01 UTC 2019
Paul Vixie writes:
> it's been observed many times, especially since the 2008 summer of fear,
> that you can't know that a sibling name isn't a zone cut, so the
> question of "is it in bailiwick" is nonsequitur. you can only know when
> one name is not in-bailiwick, not when it is.
FWIW, I very much agree. That was an interesting insight when it was
first voiced, and I've got no objection to BIND's all-case query
restarts when it comes to authorities. Just wondering if the restart
in the forward case is an artifact of that, and it is hard to imagine,
as Davey pointed out, any way that the forwarded resolver will return
anything significantly different when asked specifically for the
canonical name.
More information about the dns-operations
mailing list