Ray Bellis wrote:
... returning NOTIMP for ANY queries, ... ... My reading of RFC 1035 is that it would be a perfectly appropriate response from a server that doesn't support ANY.
the RFC was treated as a general guideline by most implementers, and once the code for some client or server appeared to work, it was shipped. it is that code which constraints our work now, not the RFC.
Unfortunately the retry semantics of DNS are not well specified and therefore implementation differences may occur. If as a result NOTIMP is really not usable then IMHO this should also be documented.
i think you'll find that NOTIMP causes try-next-server for many clients, but without poisoning, so if all servers return NOTIMP, then all those same servers will be tried again, without delay.
sometimes, withholding a response is the only way to keep the client out of this bombardment-mode. sometimes returning something poisonous like ANCOUNT=0 is nec'y. again, our guide today is how to get clients to do something constructive, ideally constructive for both them and us. it doesn't have to be true, and it doesn't have to be documented in an older RFC.
i agree that writing a new RFC whenever something like this is found to be necessary, and putting into that RFC more specific advice to client implementers so that the future might possibly improve, is a great idea.
-- P Vixie _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
