Florian Weimer <[email protected]> wrote: > > This will still break things because prior to the change, large > authoritative ANY responses are truncated without setting TC=1.
That isn't true for BIND or ATLAS. NSD I'm not sure about since the root servers that run NSD send minimal truncated responses to ANY queries, and I don't know of other handy NSD servers to test. ; <<>> DiG 9.9.2-vjs340.03-P1 <<>> +noedns +norec +ignore any cam.ac.uk @131.111.8.37 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52413 ;; flags: qr aa tc; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ; <<>> DiG 9.9.2-vjs340.03-P1 <<>> +noedns +norec +ignore any . @a.root-servers.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5963 ;; flags: qr aa tc; QUERY: 1, ANSWER: 15, AUTHORITY: 0, ADDITIONAL: 0 ; <<>> DiG 9.9.2-vjs340.03-P1 <<>> +noedns +norec +ignore any . @k.root-servers.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38224 ;; flags: qr aa tc; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > Some breakage is unavoidable. Considering that ANY queries rarely > give the results expected by the sender, refusing them outright makes > sense to me. Authoritative servers should give the expected results to ANY queries. Caches, not so much. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first. Rough, becoming slight or moderate. Showers, rain at first. Moderate or good, occasionally poor at first. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
