[ratelimits] RRL vs other approaches
Vernon Schryver
vjs at rhyolite.com
Wed Feb 20 14:21:01 UTC 2013
> From: Tony Finch <dot at dotat.at>
> > I'm probably being stupid. Why wouldn't it be a good for a recursive
> > server to request ANY when talking to an authoritative about a client's
> > request for MX, A, or AAAA in the expectation that the client is
> (Going further off topic, sorry.) Well that's a counterfactual rather than
> a real-world use of ANY queries, but if you tried it you would have to
> weigh up the advantage of getting more data using ANY against the
Today I realize I am being stupid. Trying to recursively resolve
requests for A RRs with ANY requests does not get the NSEC records
required when there are no A records. I now wonder if DNSSEC is a
reason to deprecate ANY. (deprecating ANY to mitigate reflection
attacks is wishful thinking)
oh well. as you say, off-topic.
Vernon Schryver vjs at rhyolite.com
More information about the ratelimits
mailing list