[Pdns-dev] precedence of getAuth() and recursion
Norbert Sendetzky
norbert at linuxnetworks.de
Wed Sep 3 01:47:21 CEST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Bert
In packethandler.cc::question() recursion is done before checking if
we are finally authoritive for the domain. IMHO it should be the
other way round: first check, then recurse.
Background:
Up to now, not existent hostnames are first checked against the
database (which fails), then a wildcard search is done (if no
wildcard domains are in the database, this also fails) and after
this, recursion is done. Checking for authority would be done
afterwards, but it is never done because recursion returns almost
ever a SOA record of a root server. As a result, requests for not
existent names are always directed to the root servers (if you use
internal domains like .dom) even if we are authoritive for the
domain.
Norbert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj9VHfkACgkQxMLs5v5/7eC6jQCfdB5i6pI/3amdWuh8jexLyj0X
BjMAn2n63pPynYbEh4Yz6bECOOYVVn95
=GqF/
-----END PGP SIGNATURE-----
More information about the Pdns-dev
mailing list