On 04/11/2017 10:16 PM, Evan Hunt wrote:
On Tue, Apr 11, 2017 at 09:11:54PM +0200, Florian Weimer wrote:
I don't see how you can detect loops without DNS protocol changes. The
query that comes back will look like a completely fresh query.
We can put a limit on the number of hops that are followed in populating
the A and AAAA records for the expanded ANAME response. If that limit is
exceeded, the ANAME record could be rejected by the auth; either the zone
wouldn't load or address queries return SERVFAIL.
But what happens when the target server also performs cache filling at
the same time?
Thanks,
Florian
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
