Validating zones as a slave?
Paul Vixie
paul at redbarn.org
Wed Sep 16 15:21:34 UTC 2015
Evan Hunt wrote:
> On Wed, Sep 16, 2015 at 01:15:52PM +0200, Lars-Johan Liman wrote:
>>> (It has other benefits as well; you don't get spurious AA bits
>>> in your client responses.)
>> Why are AA bits in client responses a negative thing?
>
> In fact, Tony correctly interpreted my dumbness: I remembered
> previously discussing the the AD flag in this context, and my
> brain overoptimized the expansion of "A*". I should hire him
> to follow me around and tell people what I meant to say.
possibly so.
> AA=1 *is* wrong, but I'm not aware of any clients that would
> be harmed by that.
i don't agree that AA=1 is wrong.
BIND4/BIND8 used to pass through the full response, including the AA bit, on cache misses. so a client would see AA=1 on the first request for a given rrset, and AA=0 afterward.
this was not wrong. i demanded it be changed for BIND9, but not because it was wrong. rather, in BIND9 i wanted all responses to be generated from the cache, and never passed through. so, AA=0 on all RD=1 responses from BIND9, but as a side effect, not as a correctness matter
--
Paul Vixie
More information about the bind-workers
mailing list