On Wed, 7 Mar 2012 17:59:48 +0100, Olaf Kolkman <[email protected]> wrote: > On Mar 7, 2012, at 4:49 PM, Tony Finch wrote: > >> Olaf Kolkman <[email protected]> wrote: >>> >>> But you could reasonably ask whether those load balancing properties >>> should be under the control of the authoritative or the recursive name >>> server. >> >> Indeed :-) >> >> The problem with saying it must only be the authority's job is that in >> situations like ours (which being a university is I guess not that >> different from Thijs's) the user population do not use very many >> different >> resolvers, so the authorities do not get the opportunity to serve up lots >> of different RR set orderings, unless you go for ridiculously short TTLs. > > > So, you want to do traffic management to infrastructure within your own > administrative domain with the resolver. If that is indeed the use case it > is an argument for making an option like this configurable on a per domain > basis, when you consciously want to overwrite the intention of the domain > holder.
The order of records in an rrset is not defined: it's a set. If you return them in a different order at the resolver, you're not overwriting any 'intention' of the domain holder, as there's no expressed intention. Set (a,b,c) is the same set as (a,c,b), afterall. I would not be in favour of such a configuration option, as that adds complexity to the proposed patch which in my opinion is not needed: if auth returns (a,b,c) and resolver returns (a,c,b), both have returned the exact same set. What would you want to gain with such an option? -- Thijs Kinkhorst <[email protected]> – LIS Unix Universiteit van Tilburg – Library and IT Services Bezoekadres > Warandelaan 2 • Tel. 013 466 3035 • G 236 _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
