Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Register
  • Sign in
  • BIND BIND
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
  • Issues 632
    • Issues 632
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 87
    • Merge requests 87
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Artifacts
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • ISC Open Source ProjectsISC Open Source Projects
  • BINDBIND
  • Issues
  • #2715
Closed
Open
Issue created May 21, 2021 by Vicky Risk@vickyDeveloper

RFC 8914 - DNSSEC validation failures

From an ISC support customer, another specific use case for extended errors:

"I think our main interest is distinguishing between the class of Server Failed errors that indicate a DNSSEC validation failure and the more transitory sorts (network errors, no authoritative DNS servers available, etc.). We have situations in which we have a DNS server with DNSSEC validation enabled forwarding to another DNS server with validation enabled, and when the forwarder returns Server Failed, it's unclear whether to return that answer to the querier or retry resolution without the forwarder. Does that make sense?"

Assignee
Assign to
Time tracking