ANY queries and Recursion

Jim Reid jim at rfc1035.com
Wed Aug 16 17:10:35 UTC 2000


>>>>> "Eric" == Eric A Hall <ehall at ehsco.com> writes:

    >> The value is that not many clients, if any, really need *full*
    >> answers to QTYPE=* queries, and it's a burden on the server to
    >> provide them.

    Eric> There are clients which do need ALL though, and they are
    Eric> asking for ALL and are expecting ALL in the answer. 

I may be missing something. How can any client be certain it really
got all the record types for the name it looks up? Maybe the server's
cache or the zone file on the master server changed while the reply
was in transit? Or maybe the zone file was messed up on the master
server so some names that should exist were missing. And vice versa.
The same applies to slurping the zone with an AXFR request.

I think the closest approximation to getting all the records for some
name would be asking for the name's NXT record if it was in a secure
zone. The NXT would provide a signed list of record types for the
name. And with a bit of luck you might get those records in the
additional section of the reply. Even so, it's still possible that the
zone contents or the answering server's cache changes after the NXT
was sent (and cached by the client?) or while the client was validating
the signature.



More information about the bind-users mailing list
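
The NXT RDATA the message refers to, decoded as an added example that is not part of the original post or of BIND: per RFC 2535 it is the next domain name followed by a type bit map in which bit N set means RR type N exists at the owner name. The sample bytes and the names `zzz.example.`, `parse_nxt` and `type_names` are constructed for illustration; the name is assumed uncompressed, and validating the covering SIG, which is what makes the list trustworthy, is not shown.

```python
# Added example: decode the RDATA of an RFC 2535 NXT record.
# Small subset of RR type numbers; anything else is shown as TYPEnn.
RR_NAMES = {1: "A", 2: "NS", 6: "SOA", 15: "MX", 16: "TXT",
            24: "SIG", 25: "KEY", 30: "NXT"}
NXT = 30

def read_name(buf, off=0):
    """Read an uncompressed wire-format name; return (name, next offset)."""
    labels = []
    while True:
        if off >= len(buf):
            raise ValueError("truncated domain name")
        length = buf[off]
        off += 1
        if length == 0:
            return ".".join(labels) + ".", off
        if length > 63 or off + length > len(buf):
            raise ValueError("compressed or malformed label")
        labels.append(buf[off:off + length].decode("ascii"))
        off += length

def parse_nxt(rdata):
    """Return (next domain name, sorted list of type numbers present)."""
    next_name, off = read_name(rdata)
    bitmap = rdata[off:]
    if not 4 <= len(bitmap) <= 16:
        raise ValueError("type bit map must be 4 to 16 octets")
    if bitmap[0] & 0x80:
        raise ValueError("bit 0 set: not the plain bit map format")
    # Bit 0 is the most significant bit of the first octet.
    types = [i * 8 + bit for i, octet in enumerate(bitmap)
             for bit in range(8) if octet & (0x80 >> bit)]
    if NXT not in types:
        raise ValueError("NXT bit must be set in its own bit map")
    return next_name, types

def type_names(types):
    return [RR_NAMES.get(t, "TYPE%d" % t) for t in types]

# Constructed sample: next name zzz.example., types A, MX, SIG, NXT.
SAMPLE_RDATA = b"\x03zzz\x07example\x00" + bytes([0x40, 0x01, 0x00, 0x82])

if __name__ == "__main__":
    next_name, present = parse_nxt(SAMPLE_RDATA)
    print("next name:", next_name)
    print("types at owner:", " ".join(type_names(present)))
    print("TXT exists at owner:", 16 in present)
```

The decoded list is only a snapshot as of signing time, which is the limitation the message points out.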