On 4/2/19 7:31 PM, Olli Vanhoja wrote: > On Tue, Apr 2, 2019 at 6:03 PM Tony Finch <d...@dotat.at> wrote: >> WRT loop detection, it is much easier if the additional section in the >> response from the resolver contains the chain(s). The draft doesn't >> specify that at the moment; maybe it should. > Why is it easier? I would think some people may even want to hide the > chain, even though it doesn't exactly hide the provider behind the > final IP.
If you return an empty SERVFAIL, your client (resolver) can't know it shouldn't retry and can't know how long not to retry. I posted more details on the GitHub ticket. --Vladimir (Knot Resolver)
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop