* Puneet Sood via dns-operations: > We would be interested in hearing other operator's experience here. > Are recursive servers seeing similar behavior from authoritative > servers? If yes, are you discarding these responses? > Are there authoritative server operators who still need the > flexibility afforded by RFC 1035?
If I recall correctly, while helping to run an academic network I encountered this issue on the authoritative server side. That was close to twenty years ago, and even back then, it did not occur to us to push the resolvers to accept these incorrectly sourced responses, instead of getting the authoritative server operator to fix their setup. Or maybe I'm not correctly remembering things, and it wasn't DNS but Sun RPC. (Hard to believe that even early BIND 4 didn't get this right, and what else could they have been running?) Anyway, in my current world, most recursive DNS servers operate behind some sort of stateful packet filter, so the server operators on their own cannot make these incorrectly source responses work because the systems under their direct control never receive them. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
