only the response has aa flag can be cached?
kcd at chrysler.com
Fri Jan 14 00:11:56 UTC 2011
On 1/11/2011 11:40 PM, pyh at mail.nsbeta.info wrote:
>> These triggered the release of 9.7.2-P1
>> when we were rejecting these after tightening the response processing
>> to treat glue to answer responses as referrals to address the issue
>> of named return glue records from the parent zones rather than the
>> actual answers in the child zones.
> Sorry I'm not the english speaking people.
> What does this statement mean?
To be honest, I'm not sure.
I think the gist is that one may see different AA=0 or AA=1 behavior
from a BIND resolver, even on data originating from authoritative
nameservers, depending on how broken those authoritative nameservers
are, and what version of BIND is in effect. Also, answers from cached
data will be AA=0. So the bottom line: the AA flag can't really be
relied upon by an end-resolver so any caching decision made based on its
setting would be foolish.
More information about the bind-users