-
Notifications
You must be signed in to change notification settings - Fork 885
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rec: NSEC3 aggressive cache does not work (for empty zones?) #13542
Comments
Hmm, maybe I'm confusing myself. It thought it works for non-empty zones, but now I can't get it to work even for |
1G is not interpreted as 1 gig (shame on us). |
omoerbeek
added a commit
to omoerbeek/pdns
that referenced
this issue
Nov 29, 2023
omoerbeek
added a commit
to omoerbeek/pdns
that referenced
this issue
Nov 29, 2023
7 tasks
Thanks for the report! Fix in linked PR. |
omoerbeek
added a commit
to omoerbeek/pdns
that referenced
this issue
Dec 1, 2023
omoerbeek
added a commit
to omoerbeek/pdns
that referenced
this issue
Feb 14, 2024
Fixes PowerDNS#13542 (cherry picked from commit 257b23b)
omoerbeek
added a commit
to omoerbeek/pdns
that referenced
this issue
Feb 26, 2024
Fixes PowerDNS#13542 (cherry picked from commit 257b23b)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is not a support question, I have read about opensource and will send support questions to the IRC channel, Github Discussions or the mailing list.
I have read and understood the 'out in the open' support policy
Program: Recursor
Issue type: Bug report
Short description
NSEC3 aggressive cache does not work for zones which have only apex and are otherwise empty.
Environment
Steps to reproduce
auth.conf.txt
sudo ip addr add 10.53.0.2 dev lo
named -g -c auth.conf
tcpdump -n -i lo 'host 10.53.0.2 and port 53'
dig @127.0.0.1 $RANDOM$RANDOM.local.testiscorg.ch.
Expected behaviour
Queries stop going out as soon as NSEC3 chain is received. (I.e. first NSEC3 answer because there is just one NSEC3 RR in the whole zone.)
Actual behaviour
Individual queries hit the auth.
Other information
Insane config like this does not help:
The text was updated successfully, but these errors were encountered: