Karl O. Pinc wrote: > Someone may be relying on the behavior but, at the moment > or depending on present dns circumstances, does not have > multiple A records returned. In this case no warning will > be generated.
The flip side of that coin is also valid I think. Consider independent configuration of VPN and DNS. Early errors would restrict VPN setup and possibly shipment until after DNS has been set up, while lazy evaluation allows DNS changes to happen later. May be particularly important since DNS has a builtin propagation delay of any changes. I'm not saying I disagree, but that it may be a tradeoff. //Peter
