On Mon, Apr 15, 2019 at 1:17 PM Bart Mortelmans <power...@bart.bim.be> wrote:
> It seems like this doesn't cause any problems in the real world, only in a > test like the one on internet.nl. But as far as I can tell, it's not okay > with RFC8020. > Very interesting read, thanks. I was looking for such a rule in other RFCs while writing a reply to Steffan, but it appears to be in a separate RFC on its own. :-) The important take from that RFC seems to be: > Since the domain names are organized in > a tree, it is a simple consequence of the tree structure: > nonexistence of a node implies nonexistence of the entire subtree > rooted at this node. FWIW, PowerDNS is not stating to be compliant with that RFC. [1] :-( However, it is mentioned on the Hello DNS explanatory pages. [2] [1]: https://www.powerdns.com/compliance.html [2]: https://powerdns.org/hello-dns/basic.md.html#that'sitforbasicdns!/furtherreading/rfc8020:nxdomain:therereallyisnothingunderneath > And I tested some other nameservers (Google cloud DNS, Dyn.com and Yadifa > happened to be easy to test for me) and I can confirm that they all do > return "NOERROR" instead of "NXDOMAIN" if a sub-host exists. > > The situation still seems to be the same in the upcoming PowerDNS 4.2 with > MySQL backend (I didn't test other backends) > I'm running PowerDNS Authoritative 4.2.0-rc1 with the BIND Backend and it responds as it should, without having any RR on name '_domainkey' for the zone! The domain passes the test just fine. Perhaps this is specific to the backend? > The only solution to this "problem" (or to get through the test...) I have > found was to create any other record type on _domainkey (obviously not > CNAME or NS, but any other record type should be okay). > Hmm, meh. @Steffan: What version of PowerDNS & backend are you using? HTH
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
