1192
Comment:
|
← Revision 3 as of 2020-08-17 23:36:55 ⇥
1208
|
Deletions are marked like this. | Additions are marked like this. |
Line 7: | Line 7: |
== RCODO REFUSED == | == RCODE REFUSED == |
Line 15: | Line 15: |
Ralph Dolmans: Unboud qname minimisation | == Unbound == Ralph Dolmans: Unbound qname minimisation |
1. DNS/qname-minimisation/refused返答
/CNAME返答 /RFC /RIPE /broken_CDN /maeno /negative-caching /possible-issues /refused返答 /unbound /検索例 /検索例2 /毒盛対策 |
1.1. RCODE REFUSED
qname minimisation の観点からは、REFUSEDはNXDOMAINではないようだ。
- 次(前)のラベルを試すらしい。 これなら、検索不能にはならない。(でも、それでいいのか)
awsdnsで親ゾーンはないが、www付きのゾーンがあるものを見かけた。(さくらにもあった。)
- unboundでは特に問題なく引けている。
-- ToshinoriMaeno 2019-09-18 02:10:26
1.2. Unbound
Ralph Dolmans: Unbound qname minimisation https://nlnetlabs.nl/downloads/presentations/unbound_qnamemin_oarc24.pdf
page 14
Other wrong RCODEs $ dig ns www.limburg.nl | grep status;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 14956 -Also: REFUSED on QTYPE=NS
OARC 24 (Buenos Aires) - March 2016 https://www.nlnetlabs.nl/ page 15
When to stop resolving?
- We can't ignore the RCODE and continue resolving
- We can't trust the RCODE and stop resolving
- Stop minimisation when RCODE is not NOERROR
- –DONOT_MINIMISE_STATE: send full QNAME and original QTYPE
- Not conform RFC