Open
Description
The external DNS servers do not:
- serve an SOA record at
$delegated_domain
- serve NS records for
$delegated_domain
- serve A records for the NS records for
$delegated_domain
- set the "authoritative" flag on responses
I am not sure if we should also be serving some combination of SOA, NS, and A records for sys.$delegated_domain
and $silo.sys.$delegated_domain
.
At the very least, this has (understandably) confused customers and hindered debugging (because it seems that dig +trace
couldn't follow the chain to the silo-specific domain -- I have not tested this). Several customers have reported no problems with external DNS so it seems this doesn't necessarily break things.