[dns-operations] sophosxl.net problem?
tale at dd.org
Mon Nov 11 21:11:25 UTC 2019
Viktor Dukhovni writes:
> We can't have both of:
> * It is valid to return non-authoritative cached data for RD=0
> * It is invalid to return AA=0 in response to RD=0 requests.
> Which shall it be? You say you find the first useful, but then you
> really can't have the second, the responser isn't necessarily lame
> if the qname is not the zone apex.
When I get an RD=0 query at my dual authoritative/recursive server
that can be answered from authoritative data, I do so without ever
consulting the cache.
Yes it is a tiny bit sad-making that this means that in the rare case
where I am working with a zone hosted on a dual-mode server that
delegates a subzone away then I don't see the exact same behavior as I
would see in other circumstances, but I'm okay with that.
(Apologies for the poor editing of my previous message, too. Clearly
I had hit send too soon.)
More information about the dns-operations