Empty authority and additional sections in Dns answers
Kevin Darcy
kcd at daimlerchrysler.com
Mon Mar 8 19:08:58 UTC 2004
Jonathan de Boyne Pollard wrote:
>DB> As far as you know, is there the possibility to configure
>DB> Bind [...] so that it will respond limiting the answer to
>DB> Header, Questions and Answer, emptying the content of
>DB> Authority and Additional sections?
>
>That would be a daft thing to do, as it would change the semantics of several
>kinds of response, including referrals, and would remove important information
>from empty answers and negative answers.
>
It's not so daft. The "minimal-responses" BIND option was created for
this kind of thing, and of course still *includes* Authority and/or
Additional section information, where that information is required by
the RFCs.
><URL:http://perl.plover.com./Questions3.html>
>
>Describe your actual goal.
>
People usually want to do this because they're trying to mix an
internal-root architecture with a forwarding architecture, and find that
their internal caching servers keep getting "poisoned" with Authority
and Additional data for external servers they can't reach. The
"minimal-responses" option *might* be able to help with this, although
I've had no real reason to test it, and I more-or-less agree with you
that it would be better for the original poster to step back and try to
explain what it is that they are trying to accomplish.
- Kevin
More information about the bind-users
mailing list