Hi Viktor,
Go implements its own resolver rather than use the local libc's,
e.g. glibc's. All of them are stub resolvers, yes, but if asked to
look up foo.bar.local and /etc/resolv.conf has only the
authoritative bar.local server in it then they get an authoritative
response without a third-party recursive resolver being involved.
[ Perhaps ietf(_at_)ietf(_dot_)org is the wrong list for this discussion. ]
Agreed, it was pointed out to me off list that dnsop(_at_)ietf(_dot_)org would
be
better. I'm happy for it to move, and suggest replies drop the ietf
list from the CC.
For cross-reference, the conversation on ietf starts
https://mailarchive.ietf.org/arch/search/?email_list=ietf&gbt=1&index=wdopuAP2ddLlQcdtX-iAWdUULZ8
Best practice is to not conflate authoritative and recursive DNS
servers. If you put an authoritative rather than a recursive resolver
in /etc/resolv.conf, that's a misconfiguration.
OK.
I have a recursive resolver on 127.0.0.1:53 and an authoritative
nameserver on <public-ip>:53. The /etc/resolv.conf file lists only
the recursive server on the loopback address. The authoritative
server refuses recursive queries.
That still leaves open the question of whether the stub resolvers can
assume, as many have apparently been doing for years, that they will be
given CNAME before A.
Cheers, Ralph.