Hi DNS people,
PowerDNS has now also implemented the ISC 'no-delegation' semantics which, I
must say, are pretty nifty. Thanks, ISC.
This is the brunt of the patch:
if(aabit && d_lwr.d_rcode==RCode::NoError
&& i->d_place==DNSResourceRecord::ANSWER &&
arg().contains("delegation-only",auth))
{
LOG<<"NO! Is from delegation-only zone"<<endl;
return RCode::NXDomain;
}
Not sure if this exactly equals ISC semantics but it appears to work here.
However, I'm wondering now, would it be opportune to negatively cache this
result?
I haven't yet formed an opinion yet, interested in yours.
Thanks.
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://lartc.org Linux Advanced Routing & Traffic Control HOWTO
#----------------------------------------------------------------------
# To unsubscribe, send a message to <[EMAIL PROTECTED]>.
