strange response to the DS request

[Manabu Sonoda]

On Fri, 4 Mar 2016 10:49:50 -0800
神明達哉 <jinmei at wide.ad.jp> wrote:

> I'm not sure whether we should do something about it, though.  As you
> pointed out, the configuration is already so broken: there's even no
> delegation from the parent (or ancestor) to the child zone, so I'm not
> sure if we can define any valid behavior in such a case based on
> RFC3658 or any other standard document.
> 
> So I'm wondering: is this something odd you just happen to find in a
> test environment or something, or is there any practical issue because
> of that?
That found product environment...
Our full resolver was sometimes return the CNAME record.
That parent zone TTL is greater than child zone TTL.


I known this is miss-configuration that NS Delegation.
Named-checkzone returns errors that parent zone includes ns rcodes for child.
and named can't load zonefile this case.



> 
> --
> JINMEI, Tatuya


-- 
Manabu Sonoda <manabu-s at iij.ad.jp>
Internet Initiative Japan Inc.