Open mzealey opened 8 years ago
Same with www.first-online.com
dnssec records again.
This has to do with the fact that by default (with dnssec set to anything but 'off') ask for DNSSEC records (with +DO) from auths and cache that data, then call postresolve
and then (possibly) validate and determine if the client actually wants DNSSEC records (i.e. NSEC and RRSIG). Maybe we should document this.
pdns 4.0.3 with
udp-truncation-threshold=4000
and the following lua script:A dig of a certain domain produces:
so 104 bytes however the lua script logs:
I'm guessing this is perhaps more a documentation update explaining which types of records may in the
postresolve
but not given to the client rather than a bug as such, but I'm not totally sure.