NODATA type 3 with CNAME
JINMEI Tatuya / 神明達哉
Jinmei_Tatuya at isc.org
Tue Aug 5 22:49:53 UTC 2008
At Sat, 2 Aug 2008 17:21:31 +0100,
James Ponder <james at squish.net> wrote:
> I'm confused why Bind would accept the g.www.ms.akadns.net CNAME when it
> asked about toggle.www.ms.akadns.net and yet not accept the A records
> for lb1.www.ms.akadns.net at the same time?
>
> I'm also not seeing the rationale behind not accepting the whole chain
> from toggle down to the A records - we know we're talking to the
> akadns.net authoritative nameserver after all. Isn't it being overly
> paranoid rather than properly paranoid?
If I understand the correctly, this is because Section 5.4.1 of
RFC2181. Specifically, the following part:
Note that the answer section of an authoritative answer normally
contains only authoritative data. However when the name sought is an
alias (see section 10.1.1) only the record describing that alias is
necessarily authoritative. Clients should assume that other records
may have come from the server's cache. Where authoritative answers
are required, the client should query again, using the canonical name
associated with the alias.
---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list