Bert,

bert hubert <bert.hub...@powerdns.com> wrote:

> Resolvers rarely if ever send out AA=1 answers. If you literally want to
> forward packets, dnsdist may be a better choice.
> 
> Is the current behaviour causing you problems? If so can you tell us about
> those problems?

I can probably use dnsdist (I only just learned about it today), but given the 
description of the recursor's forward-zones option I assumed it was meant to 
"delegate" certain zones to authoritative servers, and I would've expected it 
to pass through the AA=1 bits coming back from such an authoritative server.

To explain what I'm trying to do: I want to serve a zone of dynamic A records 
referenced from SPF records with "exists:%{i}" mechanisms from a little custom 
DNS server, but I want to front this server with something that I trust to 
implement the DNS protocol robustly and securely. So I'll give dnsdist a try 
next.

Thanks!

-Julian

Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users

Reply via email to