BIND- MESSAGES - Late CNAME
Simon Waters
Simon at wretched.demon.co.uk
Thu Jul 25 10:07:56 UTC 2002
"Joaquin J. Domens" wrote:
>
> I having lots of this message in my logs since I upgraded to 8.3.3
>
> Jul 25 10:46:29 tdns3 named[12254]: late CNAME in answer section for
> ns1.datahost.com.au A from [139.130.4.5].53
> It looks like the lack of response it's from the server outside not
> mine, but I would like to know if there's something special about this.
Yes it is a protocol violation by the remote name server, not
caused by lack of response, but a corrupt response.
"CNAME and other" would be spat out if you tried to load their
zone in BIND, or a decent name server.
My guess is they are running a Microsoft Name server that is
fairly clueless, based on the "admin." email address, and
non-compliant behaviour [I vaguely recall auditing a site who
had a similar email address, a quick play with an NT box showed
me how you make that mistake, not setting the DNS domain before
running the DNS set up wizard to create the domain, I wonder how
much testing was performed on the GUI].
What is surprising is that ns1.telstra.net returns the same duff
answer, but then I vaguely recall telstra weren't monitoring
telstra's own domains on a routine basis, so I guess nothing
should surprise me.
Anyway it is a problem with the remote name server
configuration, so you can ignore the message, my guess is that
this problem probably won't hurt use much, but then it is a
protocol violation, wouldn't surprise me if some DNS servers
throw such answers away. As IBM would put it, 'under these
conditions the behaviour is not well defined'.
I can't get BIND 9.2.1 to complain about this, so if the warning
really offends you upgrade.
More information about the bind-users
mailing list