On 2024-04-26 16:28, Mark Andrews wrote:
DS records live in the parent zone and the RFC 1034 rules for serving zone
break down when a grandparent zone and child zone are served by the same
server. This is corrected be the client by looking for intermediate NS records
to find the hidden delegations then resuming the DS lookup.
Named was looking up theses NS records I.e. chasing the DS servers. This can
result in named finding delegation errors. QNAME minimisation also exposes
these errors as it also does NS queries. Garbage in breakage out.
Hi Mark,
Ah, ok, I believe I've got it now - thanks for you explanation!
- J
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
