From: Stefan Schmidt <203977+ZaphodB@users.noreply.github.com> Date: Fri, 31 May 2024 12:22:32 +0000 (+0200) Subject: Update pdns/recursordist/docs/appendices/FAQ.rst X-Git-Tag: rec-5.1.0-beta1~8^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b936fdde139a2ec6fdac8c211e210fee9981839f;p=thirdparty%2Fpdns.git Update pdns/recursordist/docs/appendices/FAQ.rst Co-authored-by: Otto Moerbeek --- diff --git a/pdns/recursordist/docs/appendices/FAQ.rst b/pdns/recursordist/docs/appendices/FAQ.rst index 2d545f466d..58ae7b6185 100644 --- a/pdns/recursordist/docs/appendices/FAQ.rst +++ b/pdns/recursordist/docs/appendices/FAQ.rst @@ -87,6 +87,6 @@ For example, in the default setup the root name servers are called ``[a-m].root- This is needed to correctly determine zone cuts to be able to decide if the ``.root-servers.net`` domain is DNSSEC protected. Newer versions solve this by querying the needed information top-down. Starting with version 5.0.0, enabling :ref:`allow-no-rd` allows for queries without the recursion desired bit to be answered from cache. -Older versions of the ``dig`` program provided by ISC do not set the RD bit causing it to sometimes fail to perform a ``+trace`` when asking a freshly restarted :program:`Recursor` despite the :ref:`allow-no-rd` option being set. +Older versions of the ``dig`` program provided by ISC do not set the RD bit on the initial ``+trace`` query causing it to sometimes fail to perform a ``+trace`` when asking a freshly restarted :program:`Recursor` despite the :ref:`allow-no-rd` option being set. This is because there is a short while after restarting that the cache has no authoritative data on the root, so it will answer with an NODATA (NOERROR and no answer records) in that period for RD=0 queries asking for the root name servers. For ``dig`` this has been fixed in `BIND 9.15.1 ` by setting the RD bit. \ No newline at end of file