How to I prevent sending additional data to everybody?
Tony Finch
dot at dotat.at
Tue Mar 5 19:07:50 UTC 2019
Grant Taylor via bind-users <bind-users at lists.isc.org> wrote:
>
> My test query is returning the A record for an NS that is out of zone but in a
> different zone on the same server.
>
> something.aaa.example.net. NS ns1.bbb.example.net.
>
> dig is still showing ns1.bbb.example.net's A record in additional data when
> querying (the server that's authoritative for both zones) for
> something.aaa.example.net.
It's not clear to me where the zone cuts are, but I guess what you are
seeing is a referral when outside the allow-recursion ACL, so the server
thinks glue is required; and no additional data inside the allow-recursion
ACL because there's no referral when RD=1 RA=1.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
contribute to the process of peace and disarmament, the elimination
of world poverty, and the collective safeguarding of democracy
More information about the bind-users
mailing list