On Mon 2021-11-22 11:27:50 -0500, Ben Schwartz wrote:
> On Fri, Nov 19, 2021 at 6:48 PM Daniel Kahn Gillmor
> wrote:
> ...
>
>> To avoid incurring additional minor timeouts for such a recursive
>> resolver, the pool operator should either:
>>
>
> Nit: These should not be timeouts. The
On Fri, Nov 19, 2021 at 6:48 PM Daniel Kahn Gillmor
wrote:
...
> To avoid incurring additional minor timeouts for such a recursive
> resolver, the pool operator should either:
>
Nit: These should not be timeouts. The non-participating backends are
expected to return TCP RST or ICMP Destination
On Thu 2021-11-11 16:16:24 +, Jim Reid wrote:
>> On 11 Nov 2021, at 15:28, Christian Huitema wrote:
>>
>> It is not uncommon to see upgrades being rolled out at different times to
>> different servers in the farm. Opportunistic strategies and probing
>> strategies have to deal with that.
>
> On 11 Nov 2021, at 15:28, Christian Huitema wrote:
>
> It is not uncommon to see upgrades being rolled out at different times to
> different servers in the farm. Opportunistic strategies and probing
> strategies have to deal with that.
This can be complex. Lots of busy domain names (like
On 11/11/2021 6:49 AM, Ralf Weber wrote:
While the IP address might be a good identifier on where to encrypt to we
recently had a situation where an authoritative server with the same IP did
answer just fine for one domain, but did, because the domain was used in an
attack earlier drop all
Moin!
As technology didn’t work here are the comments I wanted to make on the mic:
The draft mainly seems to focus on a single recursive to authoritative
interaction. Most domains have more then on name server and the selection of
them often is quite complex and differs between implementations