[Dnssec-trigger] Is Dnssec-trigger a resolver or a stub-resolver ?
Stephane Bortzmeyer
bortzmeyer at nic.fr
Mon Dec 5 13:59:28 UTC 2011
On Thu, Dec 01, 2011 at 11:17:17AM -0500,
Olafur Gudmundsson <ogud at ogud.com> wrote
a message of 30 lines which said:
> A standard recursive resolver will randomize which upstream
> resolvers it talks to. Most stub-resolvers on the other hand will
> ask resolvers in the order provided.
As you know, it is not standard (it is common, yes, but you cannot
rely on it).
> DNSSEC-Trigger seems to send queries to the 3 resolvers by random,
> this is causing a minor interoperability issue due to split-DNS
> usage
I would say that, if the DHCP server returns three resolvers and they
do not have the same data (split-view), then, you had a problem even
before dnssec-trigger.
> I'm not sure which behavior DNSSEC-Trigger should follow
I'm happy with the current behavior. For me, dnssec-trigger is a full
resolver and randomizes among its forwarders.
More information about the dnssec-trigger
mailing list