Hi
As per RFC 6604, section 3
When an xNAME chain is followed, all but the last query cycle
necessarily had no error. The RCODE in the ultimate DNS response
MUST BE set based on the final query cycle leading to that
response. If the xNAME chain was terminated by an error, it will
be that error code. If the xNAME chain terminated without error,
it will be zero.
This is a little vague on two accounts:
1. What would be the error code if the server decides to curtail the CNAME
chain after a certain length (say 20). Is it still success or do we indicate in
some other way.
2. If the CNAME chain points to a Qname for which the auth server is
non-authoritative (and recursion is disabled on the auth server.) The server in
this case cannot get the response. A direct query for this Qname will result in
SERV_FAIL. Should the auth server return SERV_FAIL in this case? Will resolvers
respect answers with SERV_FAIL in RCODE and cache the partial response?
[ I have asked the same in IETF groups as well ]
Thanks
Ashu
Program Manager | Windows Networking| DNS & SDN
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
