On 04/11/2017 10:16 PM, Evan Hunt wrote:
On Tue, Apr 11, 2017 at 09:11:54PM +0200, Florian Weimer wrote:
I don't see how you can detect loops without DNS protocol changes.  The
query that comes back will look like a completely fresh query.

We can put a limit on the number of hops that are followed in populating
the A and AAAA records for the expanded ANAME response.  If that limit is
exceeded, the ANAME record could be rejected by the auth; either the zone
wouldn't load or address queries return SERVFAIL.

But what happens when the target server also performs cache filling at the same time?

Thanks,
Florian

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to