>> NEW
>> For instance, some authoritative name servers embedded in load
>> balancers reply properly to A queries but send REFUSED to NS queries.
>> This behaviour violates the DNS protocol (see Section ??? of [RFC??],
>> and improvements to the DNS are impeded if we accept such behaviour
>> as normal.
>> END
>
>Does anyone has an idea of the reference to use to replace the "???"
Given that it doesn't seem to be a protocol violation, I'd suggest this:
For instance, some authoritative name servers embedded in load
balancers reply properly to A queries but send REFUSED to NS queries.
This behavior causes a variety of problems, such as invalid negative
answers, that are so severe that it is unreasonable to expect clients
to interoperate with them reliably and so there is no point in trying to
work around them.
R's,
John
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
