strange response to the DS request

[神明達哉]

At Fri, 4 Mar 2016 14:07:03 +0900,
Manabu Sonoda <manabu-s at iij.ad.jp> wrote:

> I find the the strange response to the DS request.
> That response answer type is CNAME.
>
> This can happen if Child and Parent zone in same nameserver and
> Parent zone does not have NS recode for Child zone and
> Parent zone have CNAME recode with the same name as Child zone.

Do you mean, for example, if you configure a BIND 9 named as follows:

- master zone 'example.com' which has the following CNAME:
  www.example.com'. CNAME www.example.net.
- master zone 'www.example.com'

and send a query for www.example.com/DS, then named returns the above
CNAME?

If so, I agree it looks odd, and we might say it's against Section
2.2.1.2 of RFC3658 (if we superficially applied this section the answer
would be NOERROR-NODATA with the SOA of www.example.com).

But I'd say it's not specific to CNAME.  if you include
www.example.com/AAAA in the example.com zone instead of CNAME, the
response to www.example.com/DS will be NOERROR-NODATA but with the SOA
for example.com, not www.example.com.  It might look less odd, but
would still be considered broken.

Also, if you configure named as follows instead:

- master zone 'example.com' which has the following CNAME:
  www.zzz.example.com'. DNAME www.example.net.
- master zone 'www.zzz.example.com'

and send a query for www.zzz.example.com/DS, named will return the
DNAME.  This is another example to show it's not CNAME specific.

I'm not sure whether we should do something about it, though.  As you
pointed out, the configuration is already so broken: there's even no
delegation from the parent (or ancestor) to the child zone, so I'm not
sure if we can define any valid behavior in such a case based on
RFC3658 or any other standard document.

So I'm wondering: is this something odd you just happen to find in a
test environment or something, or is there any practical issue because
of that?

--
JINMEI, Tatuya