Hi Shawn, On 08/02/2017 08:47 AM, Shawn Zhou wrote: > Sorry. I meant the authoritative nameserver did respond with the correct > answer.
The authoritative server answers with a EDNS Client Subnet scope set to 0 when we send a query with a source set to 127.0.0.1/32, meaning that we can cache the answer and use it for any source: $ dig @ns1.insnw.net +subnet=127.0.0.1 morpheus-ien.insnw.net ; <<>> DiG 9.11.2 <<>> @ns1.insnw.net +subnet=127.0.0.1 morpheus-ien.insnw.net ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41118 ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 3 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: b560d095f78df047eb13a9a85981941eb2b38c5376e87bb2 (good) ; CLIENT-SUBNET: 127.0.0.1/32/0 [...] Once this answer is in our cache, we will use it until it expires and won't look for most specific answers, regardless of the ECS value of the query. -- Remi Gacogne PowerDNS.COM BV - https://www.powerdns.com/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
