[Unbound-users] Question about qtype=any
Peter Koch
pk at denic.de
Thu Jul 14 09:37:25 UTC 2011
Hi Wouter,
> The solution we would like to implement is that the CNAME is not
> followed for qtype ANY. (and fix DNSSEC-validation of such responses).
> Because it is RFC-conformant and short.
I'd argue that RFC 1034 isn't absolutely clear on this topic, see
<http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-July/001929.html>
Also, when you say "not followed", would this only prevent actively chasing
the CNAME target or would it also prevent data already present in the cache
from being added to the response?
In any case, any optimization should not be seen as an encouragement to
use qtype ANY in applications -- for anything else but debugging.
-Peter
More information about the Unbound-users
mailing list