## page was renamed from DNS/1/返答/referral == DNS/返答/referral == <>  <> == 参照返答 == DNS問合せに対する5種類の返答([[DNS/返答/DJBの分類]])のうちのひとつである。 [[DNS/返答/delegation]] を示すためにも使われる。 安全のためには、リゾルバーはdelegationではないreferral返答は無視すべきだ。[[../参照返答]] 当初は毒盛の危険性は想定されていなかった) == 形 == Answer Sectionにレコードはなくて、Authority SectionにNSが含まれている。 {{{ A referral (a list of two or more name servers and IP addresses tha are closer the next level down in the name hierarchy to the requested domain ... }}} http://www.rfc-editor.org/rfc/rfc2308.txt sections 2.1 and 2.2 http://www.shortestpathfirst.net/2009/11/12/hardening-dns-against-reflection-attacks-and-flooding-attacks/ http://www.tech-faq.com/understanding-dns-queries-and-lookups.html {{{ Referral answer: A referral response is returned if the DNS server does not support recursion. A referral contains additional resource records for resolving the request. }}} RFC1034 2章より {{{ - Clients of the domain system should be able to identify trusted name servers they prefer to use before accepting referrals to name servers outside of this 'trusted' set. }}} きちんと定義されているのだろうか。(DNSが作られた目的と背景をよく考えてみよう。)  名前解決のための助け合いの活動だったような印象だ。(私は「知らないので、XXさんに聞いてみて」という感じ) [[/rfc1034]]   %grep -n -i -2 referral rfc1035.txt {{{ 148-resolver processes a user query it asks a known name server for the 149-information; in return, the resolver either receives the desired 150:information or a referral to another name server. Using these 151:referrals, resolvers learn the identities and contents of other name 152-servers. Resolvers are responsible for dealing with the distribution of 153-the domain space and dealing with the effects of name server failure by -- 968- 969-NS records cause both the usual additional section processing to locate 970:a type A record, and, when used in a referral, a special search of the 971-zone in which they reside for glue information. }}} == draft == Please See Below: Use Only Downward Referrals in the DNS draft-sullivan-dnsop-refer-down-00 https://tools.ietf.org/id/draft-sullivan-dnsop-refer-down-00.html