copying the question section

Michael Richardson mcr at sandelman.ottawa.on.ca
Sun Aug 4 16:20:26 UTC 2002


-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Paul" == Paul Vixie <paul at vix.com> writes:
    Paul> bind has always copied the question section into the response.  some versions
    Paul> (notably the ill-fated 4.9.2) demanded to see this, but earlier and current
    Paul> versions only demand that the question section in the response match the one

  So, as I understand this, it will only affect people running old resolvers.

  Unfortunately, the resolvers in libc on many systems have not kept up with
the state of the art, so this may affect more people than one might think
from looking at how many copies of bind 4.9.2 server are deployed.

    Paul> or we could try an adaptive strategy: if truncation occurs while building a
    Paul> response, then try it again with an empty question section, and if truncation
    Paul> still occurs, then give up and set the TC bit.

    Paul> i'm in favour of that last approach.  anybody else got strong views on it?

  I would say that it is a good idea.
  Given EDNS0, the answer is unlikely to grow unless the client is ready for
it, in which case they probably aren't running such an old resolver client.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Finger me for keys

iQCVAwUBPU1USIqHRg3pndX9AQERHwP/Yzm3/DWl8oLiBPtzVqL0Jevcgt6KDDvI
b0NXBwZBkdRVlOpRF+42wn2umFYa8o3Xcx2b8Qj1UmHe6pmwczkq+hLagjSnSn9S
oyNNLqZ8k2/sPOvgbjBXiOtxVgnCA6JqPJRtyNLCMN+KfkfxM+lUYn6ZDmwQXol/
C3Y8ogjhE4k=
=TQTf
-----END PGP SIGNATURE-----


More information about the bind-workers mailing list