[Pdns-users] Re: IPv6 testers wanted for snapshot4!
Stephane Bortzmeyer
bortzmeyer at nic.fr
Mon Feb 11 09:47:07 UTC 2008
On Mon, Feb 11, 2008 at 10:37:09AM +0100,
bert hubert <bert.hubert at netherlabs.nl> wrote
a message of 13 lines which said:
> > This is quite dangerous. With a non-authoritative server, ANY only
> > returns what's in the cache which may be only the A or only the AAAA.
>
> That only hits mis-configured domains though that delegate to
> non-authoritative servers.
There are a lot. There are also a lot of name servers (or rather, the
black box before them) which reply SERVFAIL to ANY queries.
But I disagree: in the process of name resolution, the recursor can
find a legitimate non-authoritative server up in the domain tree,
which has the A but not the AAAA (for instance because it is a
glue). What does PDNS recursor do here? Always check the authoritative
server?
More information about the Pdns-users
mailing list