
Comment by icebraining

7 years ago

I don't see what they can do, short of sending fake DNS replies with their own webserver IPs, which is worse for the integrity of DNS.

Shouldn’t there be some kind of standard DNS response for this? There are dozens of different HTTP status codes for all kinds of scenarios. Doesn’t DNS have something like that? I know almost nothing about DNS, I’m just curious.

  • The thing is, the server sends a real response, it's just not the same response as it sends to other recursive resolvers.

    Imagine it's HTTP, and the site sent a 404 to your proxy, but you knew it generally sent a 200 to other proxies, what should you do? Send the 404, or override it with your own status code? Cloudflare is saying they are not OK with overriding codes.