Clarification on RFC 2606 & 6761 regarding the reserved domains

vinz asked:

I read https://tools.ietf.org/html/rfc2606 and https://tools.ietf.org/html/rfc6761, but I still do not get some details.
Why do https://tools.ietf.org/html/rfc2606 does not explicitly says which response code we should return for the reserved domain?
Is the purpose of https://tools.ietf.org/html/rfc6761 to add additional details?

In https://tools.ietf.org/html/rfc6761, they say:

Instead, caching DNS servers SHOULD, by
default, generate immediate negative responses for all such
queries

Is negative a NXDOMAIN or REFUSED? or is it up to the developer?
At the beginning of the same RFC, it is written:

For this
special "guaranteed nonexistent" name to have any use, it has to be
defined to return NXDOMAIN

Is it applicable here? This is not clear to me why they use the term "negative response".
Also, is this RFC implemented in real world? it looks like dig still query the root servers for those reserved domains.

My answer:


NXDOMAIN is a negative response. REFUSED is a refusal to provide service, and is not applicable here.


View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.