[Pdns-users] pdns_recursors trusts addtional section where it better shouldn't
Pieter Lexis
pieter.lexis at powerdns.com
Fri Feb 17 11:34:34 UTC 2017
Hi Thoomas,
On Fri, 17 Feb 2017 11:39:51 +0100
Thomas Mieslinger <miesi at india.com> wrote:
> Why trusts pdns_recursor records from answers without aa bit set?
While resolving, this is the only thing we can trust. And this answer is cached as well. This speeds things up tremendously.
We could try to be more resilient against this when retrieving this information from the cache, but we do not blindly trust additional information.
--
Pieter Lexis
PowerDNS.COM BV -- https://www.powerdns.com
More information about the Pdns-users
mailing list