Maintained by: NLnet Labs

[Unbound-users] Question about qtype=any

Peter Koch
Thu Jul 14 11:37:25 CEST 2011


Hi Wouter,

> The solution we would like to implement is that the CNAME is not
> followed for qtype ANY.  (and fix DNSSEC-validation of such responses).
>  Because it is RFC-conformant and short.

I'd argue that RFC 1034 isn't absolutely clear on this topic, see
<http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-July/001929.html>

Also, when you say "not followed", would this only prevent actively chasing
the CNAME target or would it also prevent data already present in the cache
from being added to the response?

In any case, any optimization should not be seen as an encouragement to
use qtype ANY in applications -- for anything else but debugging.

-Peter