rfc1034 & bind 8.3.4 providing referrals as final answer to recursive clients
Ladislav Vobr
lvobr at ies.etisalat.ae
Wed Sep 8 06:32:37 UTC 2004
> I also see your misunderstanding of the fact that delegation is not
> exclusive in the DNS. Answers about "fake3.ladislav.name.ae." can be
> legitimately supplied by any one of no less than five sets of content
> DNS servers:
>
> 1. the "." content DNS servers
> 2. the "ae." content DNS servers
> 3. the "name.ae." content DNS servers
> 4. the "ladislav.name.ae." content DNS servers
> 5. the "fake3.ladislav.name.ae." content DNS servers
Jonathan, you should be very careful what you mean by *answer*, is this
the same what bind means by *answer* and is it the same what 8.3.4
thinks or it is what 8.4.1 or 9.* thinks.
In situations, where the namesevers listed by you (1,2,3,4) are 8.4.1 or
higher, only the the #5 will provide you with the *answer* others will
always mentioned it only in the additional section. and your caching
nameserver will follow up up to #5.
In situation when one of 1,2,3,4 is 8.3.4 this will provide your caching
server with its own so called *asnwer*, and make the your caching server
to stop the recursive process.
My point is that on one side, bind is very reluctant to provide A
records even for the +norec clients (as my previous post), although
having it in the cache, on the other hand it doesn't hesitate to claim
the refferal to be the final answer to the recursive clients.
Ladislav
More information about the bind-users
mailing list