On 6/20/19 7:16 AM, Remi Gacogne wrote: > On 6/20/19 4:01 PM, Mike wrote: >> I think you got it - the AA bit isn't set, so they are going to be >> failing lots of places. I noticed however that googledns didn't seem to >> have a problem with it. Wondering if this 'relaxed functionality' is >> just suicidal on google's part or perhaps a future enhancement possibility? > We used to try hard to be forgiving but this led to several issues, > especially when DNSSEC was involved, so we tend to be more strict with > regard to clear protocol violations. > > Best regards,
Correct behavior is probably the best course of action. Is there any logging I can enable that will point out instances like this in the future where a response is being dropped for similar reasons? (thats not as verbose as 'trace-regex')? Thanks again. _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
