On Mon, Jan 15, 2018 at 4:39 PM, Andrew Sullivan <a...@anvilwalrusden.com> wrote:
> Hi all, > > Some of you will perhaps recall that previous efforts at text on > referrals were unsuccessful. I've had another go. I _think_ it > addresses all the comments so far, without actually causing the > terminology draft to drift into prescribing protocol. It is > unfortunately quite a bit longer, but that seems to be the cost of > making all the points from the discussion. Thoughts are solicited: > > Referral: A type of response in which a server, signalling that it > is not (completely) authoritative for an answer, provides the > querying resolver with an alternative place to send its query. > Referrals can be combined with partial answers. > > A referral arises when a server is not performing recursive > service while answering a query. It appears in step 3(b) of the > algorithm in [RFC1034], Section 4.3.2. > > There are two types of referral response. The first is a downward > referral (sometimes described as "delegation response"), where the > server is authoritative for some portion of the QNAME. The > authority section RRset's RDATA contains the name servers > specified at the referred-to zone cut. In normal DNS operation, > this kind of response is required in order to find names beneath a > delegation. The bare use of "referral" means this kind of > referral, and many people believe that this is the only legitimate > kind of referral in the DNS. > > The second is an upward referral (sometimes described as "root > referral"), where the server is not authoritative for any portion > of the QNAME. When this happens, the referred-to zone in the > authority section is usually the root zone (.). In normal DNS > operation, this kind of response is not required for resolution or > for correctly answering any query. There is no requirement that > servers send them. Some people regard upward referrals as a sign > of a misconfiguration or error. > > A response that has only a referral contains an empty answer > section. It contains the NS RRset for the referred-to zone in the > authority section. It may contain RRs that provide addresses in > the additional section. The AA bit is clear. > > In the case where the query matches an alias, and the server is > not authoritative for the target of the alias but it is > authoritative for some name above the target of the alias, the > resolution algorithm will produce a response that contains both > the authoritative answer for the alias, and also a referral. Such > a partial answer and referral response has data in the answer > section. It has the NS RRset for the referred-to zone in the > authority section. It may contain RRs that provide addresses in > the additional section. The AA bit is set, because the first name > in the answer section matches the QNAME and the server is > authoritative for that answer (see [RFC1035], section 4.1.1). > > -- > Andrew Sullivan > a...@anvilwalrusden.com > That sounds clear and complete to me! -- Bob Harold
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
