On Tue, May 2, 2023 at 11:09, Peter Thomassen <[pe...@desec.io](mailto:On Tue,
May 2, 2023 at 11:09, Peter Thomassen <<a href=)> wrote:
> If one of the NS answers non-authoritatively, then it doesn't serve a proper
> NS RRset, so it's not possible for that server's response to agree / be
> identical with that on the parent side. As a result, the delegation (to that
> server) is lame, isn't it?
A nameserver can answer authoritatively for a particular query without being
listed in any zone's NS RRSet.
A response from a server doesn't necessarily include an NS RRSet anyway.
Whether or not two different servers that serve the same zone serve the same
zone contents might be a sign of a problem, or it might be normal (e.g. a
consequence of the loose coherence that is an accepted and acceptable
consequence of DNS's standard replication mechanisms).
>
There are lots of things that can be wrong with DNS operations in general and
with delegations in particular. A lame delegation is just one of them.
Joe
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
