dnswalk output

[Kevin Darcy]

Ian Masters wrote:
> Hello
>
> I'm trying to test my local dns with dnswalk (newest version, v 2.0.2)
> and I'm confused about the output. I've read the dnswalk man page and
> searched the list archives but I'm none the wiser.
>
> The output of dnswalk looks like this:
>
> [root at mail slaves]# dnswalk xx.yyyyy.co.jp.
> Checking xx.yyyyy.co.jp.
> Getting zone transfer of xx.yyyyy.co.jp. from dev-gw.xx.yyyyy.co.jp...done.
> SOA=dev-gw.xx.yyyyy.co.jp       contact=root.xx.yyyyy.co.jp
> BAD: xx.yyyyy.co.jp NS mail.xx.yyyyy.co.jp: CNAME (to mail)
> WARN: xx.yyyyy.co.jp MX mail.xx.yyyyy.co.jp: CNAME (to mail)
> 0 failures, 1 warnings, 1 errors.
>
> And here is my zone file:
>
> [root at dev-gw named]# cat db.xx.yyyyy.co.jp
>
> $ORIGIN .
> $TTL 86400      ; 1 day
> xx.yyyyy.co.jp          IN SOA  dev-gw.xx.yyyyy.co.jp.
> root.xx.yyyyy.co.jp. (
>                                 2008100905 ; serial
>                                 10800      ; refresh (3 hours)
>                                 3600       ; retry (1 hour)
>                                 604800     ; expire (1 week)
>                                 86400      ; minimum (1 day)
>                                 )
>                         NS      dev-gw.xx.yyyyy.co.jp.
>                         NS      mail.xx.yyyyy.co.jp.
>                         MX      10 mail.xx.yyyyy.co.jp.
> $ORIGIN xx.yyyyy.co.jp.
> mail                    A       172.16.252.110
> dev-gw                  A       172.16.252.104
>
> If dnswalk is still a reliable tool, could someone help with deciphering
> its report please.
>
>   
For NS records, "dnswalk" compares the RDATA of the record with the
results of a gethostbyname() on the same name, and assumes that if the
two are different, that the NS record is pointed at an alias (which is
illegal).

However, gethostbyname() can return a different name if another source
of naming information has precedence over DNS, e.g. one has "hosts:
files dns" in /etc/nsswitch.conf on Solaris, and that other source of
naming information has a different form of the same name, e.g. the short
form.

I think that's what's happening to you. gethostbyname() is finding the
name "mail" in (probably) /etc/hosts, and since it doesn't match the
FQDN "mail.xx.yyyyy.co.jp", it assumes your NS is pointed at an alias.

I consider this a bug in dnswalk. The same faulty logic also appears in
the MX-record check. At the very least, it should check the "aliases"
variable which is returned by gethostbyname() to see if the name
resolved via and alias or not.

Does this crude logic make the utility "unreliable"? Can't really say,
since I haven't played around with it enough to see if there are other
bugs. It drew my attention to some "problem spots" in the one zone I ran
it on, so I'd say it still, despite its imperfections, has some value...

- Kevin