On Mon, Feb 11, 2008 at 10:37:09AM +0100, bert hubert <[EMAIL PROTECTED]> wrote a message of 13 lines which said:
> > This is quite dangerous. With a non-authoritative server, ANY only > > returns what's in the cache which may be only the A or only the AAAA. > > That only hits mis-configured domains though that delegate to > non-authoritative servers. There are a lot. There are also a lot of name servers (or rather, the black box before them) which reply SERVFAIL to ANY queries. But I disagree: in the process of name resolution, the recursor can find a legitimate non-authoritative server up in the domain tree, which has the A but not the AAAA (for instance because it is a glue). What does PDNS recursor do here? Always check the authoritative server? _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
