> Joe Abley> One nameserver in the delegation set of a particular > Joe Abley> child zone might provide non-authoritative > Joe Abley> responses. By my usage, that nameserver is lame for > Joe Abley> that zone. The delegation of that zone to that > Joe Abley> nameserver is a lame delegation. Identified when > Joe Abley> receiving a response with aa = 0 when aa = 1 was > Joe Abley> expected. Possible causes: wrong nameserver in the > Joe Abley> delegation set, incorrect configuration of the > Joe Abley> nameserver. > > The name server is lame, but the delegation might still work if > there are other name servers in the deletation that are not > lame.
I would like to contest the notion that you cannot speak about the delegation of authority for a single NS record as "lame". While I agree that the delegation as a whole consists of an RRset, most often containing more than one NS record, I also think of the action of adding an NS record to the NS RRset as "delegating authority for the given zone to that name server", and it is then suitable if that name server doesn't provide name service for the delegated zone as it being a (single) "lame delegation". Recursive resolvers will usually detect that a given name server doesn't respond appropriately for a given zone, and avoid trying to use that one to resolve names in the zone, so if you have at least one working name server in the delegation, lookup service will usually succeed, although possibly with needless delay if the non-providing name servers are either probed first or re-probed. Reserving the term "a lame delegation" only for the case where none of the delegated-to name servers serve the delegated zone with DNS lookup service does at least not match my current understanding of the term. > We need a term for when the delegation is lame, and that is > what I call "lame delegation" of a specific zone, and when a > single name server i a delegation is lame, which could be > called lame name server, but it has to be specified for which > zone. If none of the delegated-to name servers actually provide DNS name service for the delegated zone, I would simply call this "broken". :) ...because no matter how hard a recursive resolver tries to provide resiliency for lookups in the given zone, it will not succeed. > Since the term "lame delegation" refer to the delegation it > would be confusing to let it mean something which does not > include the entire delegation. The delegation is more than a > single name server in the delegation. I slightly disagree, see above. Regards, - Håvard _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
