[Pdns-dev] precedence of getAuth() and recursion

Norbert Sendetzky norbert at linuxnetworks.de
Wed Sep 3 01:47:21 CEST 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Bert

In packethandler.cc::question() recursion is done before checking if 
we are finally authoritive for the domain. IMHO it should be the 
other way round: first check, then recurse.

Background:
Up to now, not existent hostnames are first checked against the 
database (which fails), then a wildcard search is done (if no 
wildcard domains are in the database, this also fails) and after 
this, recursion is done. Checking for authority would be done 
afterwards, but it is never done because recursion returns almost 
ever a SOA record of a root server. As a result, requests for not 
existent names are always directed to the root servers (if you use 
internal domains like .dom) even if we are authoritive for the 
domain.


Norbert

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj9VHfkACgkQxMLs5v5/7eC6jQCfdB5i6pI/3amdWuh8jexLyj0X
BjMAn2n63pPynYbEh4Yz6bECOOYVVn95
=GqF/
-----END PGP SIGNATURE-----



More information about the Pdns-dev mailing list