strange response to the DS request
Manabu Sonoda
manabu-s at iij.ad.jp
Mon Mar 7 00:58:46 UTC 2016
On Fri, 4 Mar 2016 10:49:50 -0800
神明達哉 <jinmei at wide.ad.jp> wrote:
> I'm not sure whether we should do something about it, though. As you
> pointed out, the configuration is already so broken: there's even no
> delegation from the parent (or ancestor) to the child zone, so I'm not
> sure if we can define any valid behavior in such a case based on
> RFC3658 or any other standard document.
>
> So I'm wondering: is this something odd you just happen to find in a
> test environment or something, or is there any practical issue because
> of that?
That found product environment...
Our full resolver was sometimes return the CNAME record.
That parent zone TTL is greater than child zone TTL.
I known this is miss-configuration that NS Delegation.
Named-checkzone returns errors that parent zone includes ns rcodes for child.
and named can't load zonefile this case.
>
> --
> JINMEI, Tatuya
--
Manabu Sonoda <manabu-s at iij.ad.jp>
Internet Initiative Japan Inc.
More information about the bind-users
mailing list