Strange named-checkzone behaviour

Wed Nov 22 23:57:37 UTC 2006

> Hi,
> 
> I will use named-checkzone to check the right syntax etc. of my zonefiles.
> 
> Today I tried it out an I see the following error:
> 
> # named-checkzone ultental.eu /var/named/var/named/master/db.ultental.eu
> zone ultental.eu/IN: ultental.eu/MX 'mail.enas.net' (out of zone) is a 
> CNAME (illegal)
> zone ultental.eu/IN: loaded serial 2006120701
> OK
> 
> named-checkzone reports that "mail.enas.net" is a CNAME and thats 
> illegal in MX-Records. But the RRs "mail.enas.net" is not a CNAME. It's 
> a usual A-Record.

	named-checkzone uses getaddrinfo().

        result = getaddrinfo(namebuf, NULL, &hints, &ai);
        dns_name_format(name, namebuf, sizeof(namebuf) - 1);
        switch (result) {
        case 0:
                if (strcasecmp(ai->ai_canonname, namebuf) != 0) {
                        if ((zone_options & DNS_ZONEOPT_WARNMXCNAME) != 0)
                                level = ISC_LOG_WARNING;
                        if ((zone_options & DNS_ZONEOPT_IGNOREMXCNAME) == 0) {
                                dns_zone_log(zone, ISC_LOG_WARNING,
                                             "%s/MX '%s' (out of zone) "
                                             "is a CNAME (illegal)",
                                             ownerbuf, namebuf);
                                if (level == ISC_LOG_ERROR)
                                        answer = ISC_FALSE;
                        }
                }
                freeaddrinfo(ai);
                return (answer);

	I suspect that your getaddrinfo() is performing a reverse
	lookup on the address and is getting dns.enas.net.

	Mark
 
> Zonefile of ultental.eu:
> $TTL 1d
> @ IN SOA dns.enas.net. bind.enas.net. (
>                  2006120701      ; Seriennummer
>                          1d      ; Refresh von einem Tag
>                          1h      ; Retry nach 1 Stunde
>                          1w      ; Expire nach 1 Woche
>                          1d )    ; Negative Caching TTL von 1 Tag
> 
> ;
> ; Nameserver:
> ;
>                  IN NS   dns.enas.net.
>                  IN NS   dns2.enas.net.
> ;
> ; A-Records
> ;
> www     IN A    195.254.235.67
> ;
> ; MX Records
> ;
> @       IN MX 10 mail.enas.net.
> 
> 
> Dig for mail.enas.net reports.
> $ dig @dns.enas.net mail.enas.net
> ;; QUESTION SECTION:
> ;mail.enas.net.                 IN      A
> 
> ;; ANSWER SECTION:
> mail.enas.net.          86400   IN      A       195.254.235.67
> 
> 
> I use BIND 9.4.0b4.
> 
> Version of "named-checkzone" = 9.4.0b4
> 
> Have you any Idea why named-checkzone reports me that error?
> 
> Thanks and regards
> Urban
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org