Bind 9 truncating responses
Brad Knowles
brad at stop.mail-abuse.org
Fri Apr 22 12:02:41 UTC 2005
At 9:28 AM +0000 2005-04-22, <stephen.vickers at n3k.co.uk> wrote:
> First things first: I understand that 50 NS records in a zone are not
> good practice; however, situations require that this be the case.
No, it's not good practice. In fact, it's one of the worst that
I've ever encountered, and I was the guy who committed the Heinous
Crime Against the Internet by figuring out how AOL could stuff 49 IP
addresses for MX servers into the DNS.
> Are the NS and A records considered required/important for the response
> to an A record query?
No, they'd be "additional" information for that query. I'm much
more concerned about what happens when someone does an "NS" query for
your domain and the 50 names and IP addresses can't fit into a single
512 byte packet, so you're not truncating in the "additional"
section, but instead in "authority".
Get these things called Layer 4 Load-Balancing Switches. Use
them. Don't advertise 50 NS records.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
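
The size problem discussed in this thread, as an added example (not part of the original post and not BIND code): it encodes the response to an NS query with RFC 1035 name compression and measures it against the 512-byte UDP limit. The zone example.com, the nsN host names, the TTL and the 192.0.2.x addresses are assumptions; in-zone names like these compress best, so names in other domains take more room.

```python
import struct

UDP_LIMIT = 512  # DNS-over-UDP payload limit without EDNS0 (RFC 1035)

def encode_name(name, msg, offsets):
    """Append a domain name, pointing at an earlier copy of any known suffix."""
    labels = name.rstrip(".").lower().split(".")
    for i, label in enumerate(labels):
        suffix = ".".join(labels[i:])
        if suffix in offsets:  # 2-byte compression pointer
            msg.extend(struct.pack("!H", 0xC000 | offsets[suffix]))
            return
        offsets[suffix] = len(msg)
        msg.append(len(label))
        msg.extend(label.encode("ascii"))
    msg.append(0)  # root label

def add_rr(msg, offsets, owner, rtype, rdata_name=None, rdata=b""):
    """Append one IN-class resource record with a constructed TTL of 3600."""
    encode_name(owner, msg, offsets)
    msg.extend(struct.pack("!HHI", rtype, 1, 3600))
    rdlen_at = len(msg)
    msg.extend(b"\x00\x00")  # RDLENGTH, patched below
    if rdata_name:
        encode_name(rdata_name, msg, offsets)
    else:
        msg.extend(rdata)
    struct.pack_into("!H", msg, rdlen_at, len(msg) - rdlen_at - 2)

def ns_response_sizes(zone, count):
    """Return (bytes with the NS records only, bytes with NS plus A records)."""
    msg, offsets = bytearray(12), {}  # header left zeroed: only length matters
    encode_name(zone, msg, offsets)
    msg.extend(struct.pack("!HH", 2, 1))  # QTYPE=NS, QCLASS=IN
    hosts = [f"ns{i}.{zone}" for i in range(1, count + 1)]  # constructed names
    for host in hosts:
        add_rr(msg, offsets, zone, 2, rdata_name=host)
    ns_only = len(msg)
    for i, host in enumerate(hosts):  # constructed 192.0.2.0/24 addresses
        add_rr(msg, offsets, host, 1, rdata=bytes([192, 0, 2, i + 1]))
    return ns_only, len(msg)

def max_fitting(zone, with_addresses):
    """Largest NS count whose response still fits in UDP_LIMIT bytes."""
    n = 0
    while ns_response_sizes(zone, n + 1)[int(with_addresses)] <= UDP_LIMIT:
        n += 1
    return n

if __name__ == "__main__":
    print(ns_response_sizes("example.com", 50))  # 50 NS, as in the thread
    print(max_fitting("example.com", False), max_fitting("example.com", True))
```

Under these assumptions the 50 NS records alone are nearly twice the limit before any address records are added.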