[nsd-users] DNSSEC question
dk at hostmaster.ua
Mon Apr 4 21:54:47 UTC 2016
On 4 квіт. 2016 р., at 23:32, Peter Hessler <phessler at theapt.org> wrote:
> No. DNS does not have "an order".
Indeed. Apart from record types which include weight field (MX, SRV). Perhaps author wants AAAA tried before A in case if "smart" resolver omits DNSSEC-unsigned responses?
This is orthogonal to presence of DNSSEC in the zone, and is on client side only.
So please specify your problem more precisely: is that a resolver/cache you control, zone, or both?
> On 2016 Apr 04 (Mon) at 13:29:15 -0700 (-0700), Michael A. Peters wrote:
> :Sometimes when a owner has multiple A (or AAAA) records, recursive resolvers
> :change the order in which a client receives them.
> :Does DNSSEC force them to be in the same order or is the order still subject
> :to change and the whim of a recursive server?
> :What I am trying to do is set up fall-back IP addresses in case a particular
> :IP address is offline, and trying to find work-around for a lack of order
> :preference (like MX records have) in A/AAAA records.
> :I use DNSSEC anyway and am *hoping* that means DNSSEC enforcing resolvers
> :will preserve the order the records have coming from the authoritative
> :Thanks for suggestions.
> Cable is not a luxury, since many areas have poor TV reception.
> -- The mayor of Tucson, Arizona, 1989
> nsd-users mailing list
> nsd-users at NLnetLabs.nl
More information about the nsd-users