also sprach W.C.A. Wijngaards <wouter at NLnetLabs.nl> [2008.10.01.1652 +0200]: > No, it does not look like solid theory. I understand it could be > useful in practice. You see, the stub may have returned CNAMEs or > delegations to other servers. Unbound would do the additional > lookups. Results stored in the cache with a TTL. Setting AA flag > for that is not correct. If any part of the answer is answered from cache or a forward- or root-server, clear the bit, obviously. But if everything comes from a stub-zone, there's no reason not to set AA, and there's even no real reason to cache, is there? I would appreciate not having to wait for min-TTL to expire to see changes made to my local zone... -- martin | http://madduck.net/ | http://two.sentenc.es/ "if you can dream it, you can do it" -- walt disney spamtraps: madduck.bogus at madduck.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature (see http://martin-krafft.net/gpg/) URL: <http://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20081001/6b0fd13c/attachment.pgp>