“If none of the name servers in the delegating NS RRset responds with an authoritative answer for the zone delegated then that zone has a lame delegation. If a name server cannot be resolved into an IP address or cannot be reached of UDP port 53 then that is, for this definition, equal to not respond with an authoritative answer.”
Sometime a cached delegation becomes lame when the NS RRset is fetched from the zone, and none of the name servers in the zone NS RRset responds with an authoritative answer. If “lame delegation” is defined in such a way that it is enough with one failing name server in the delegation, the term becomes less useful. DNS usually forgives one failing name server. Yours, Mats --- Mats Dufberg mats.dufb...@internetstiftelsen.se<mailto:mats.dufb...@internetstiftelsen.se> Technical Expert Internetstiftelsen (The Swedish Internet Foundation) Mobile: +46 73 065 3899 https://internetstiftelsen.se/ From: DNSOP <dnsop-boun...@ietf.org> on behalf of paul=40redbarn....@dmarc.ietf.org <paul=40redbarn....@dmarc.ietf.org> Date: Sunday, 9 April 2023 at 09:32 To: Paul Hoffman <paul.hoff...@icann.org>, dnsop@ietf.org <dnsop@ietf.org> Subject: Re: [DNSOP] [Ext] Meaning of lame delegation "If one or more authoritative servers designated by the delegating NS rrset or by the apex NS rrset answers non-authoritatively for a zone, that zone is said to have a lame delegation." p vixie On Apr 9, 2023 04:13, Paul Hoffman <paul.hoff...@icann.org> wrote: I have been on vacation this week and am just seeing this thread now. Now that a bunch of people have spoken up on the topic, if someone wants to propose a *specific* change to the definition in draft-ietf-dnsop-rfc8499bis, this would be a very good time to do it, given that we are after WG Last Call but waiting for AD writeup. Otherwise, the current wording will be used for IETF Last Call. --Paul Hoffman _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
