cname chaining with bind8 and 9

Barry Margolin barmar at genuity.net
Mon Jan 8 16:11:50 UTC 2001 

In article <93cnf6$9gi at pub3.rc.vix.com>,
Christophe Deleuze  <deleuze at ActiVia.net> wrote:
>If I use bind 8, this is what happens:
>
>bash# dig @bind8-dns www.francecast.com
>
>; <<>> DiG 8.2 <<>> @bind8-dns www.francecast.com 
>; (1 server found)
>;; res options: init recurs defnam dnsrch
>;; wrong query name:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>;; QUERY SECTION:
>;;      cov-l.map.cannes.example.com, type = A, class = IN
>
>;; ANSWER SECTION:
>cov-l.map.cannes.example.com.  10S IN CNAME  cov-l.proxies.cannes.example.com.
>
>;; wrong query name:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
>;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
>;; QUERY SECTION:
>;;      cov-l.proxies.cannes.example.com, type = A, class = IN
>
>;; ANSWER SECTION:
>cov-l.proxies.cannes.example.com.  10S IN CNAME  cannes-dns.example.com.
>cannes-dns.example.com.  26m38s IN A  192.168.3.100
>
>;; AUTHORITY SECTION:
>example.com.   1d23h46m9s IN NS  DNS.example.com.
>
>;; ADDITIONAL SECTION:
>DNS.example.com.  1d23h46m9s IN A  194.206.157.97
>
>;; res_nsend to server bind8-dns: Connection timed out
>bash# 

I tried to reproduce your problem, but I ran into the following problem:
the world.activia-networks.com domain, which is part of your CNAME chain,
is delegated to a private address:

% dig world.activia-networks.com ns @dns.activia-networks.com

; <<>> DiG 8.1 <<>> world.activia-networks.com ns @dns.activia-networks.com 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUERY SECTION:
;;	world.activia-networks.com, type = NS, class = IN

;; ANSWER SECTION:
world.activia-networks.com.  50M IN NS  world-dns.activia-networks.com.

;; ADDITIONAL SECTION:
world-dns.activia-networks.com.  50M IN A  192.168.2.100

This is not valid (unless this subdomain is only supposed to be used
internally within your organization).

-- 
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

More information about the bind-users mailing list