CNAME Issue - Whether to use CNAME-data or Response-Flag
Mark Andrews
marka at isc.org
Fri Apr 9 22:15:05 UTC 2010
In message <4BBF91DE.2070201 at dougbarton.us>, Doug Barton writes:
> On 04/09/10 13:28, David Forrest wrote:
> >
> > Doug: I think it is a server error that is being reported because
> > the status is NXDOMAIN instead of the expected NOERROR.
>
> Well that's all you really had to say. :) I admit that I didn't catch
> the NXDOMAIN bit when I looked at the dig output, I was focused on the
> ANSWER and ADDITIONAL sections.
>
> I'll leave it up to the protocol experts to answer your question, but my
> followup question is, what bad thing are you seeing happen because of
> this? From your original post it seems like some resolvers are not doing
> what BIND 9.6.2-P1 is doing, namely chasing the CNAME to come up with an
> answer to the A query. Is that your concern?
>
> > Could you dig it again @primary-dns.co.uk with +norec and see if your
> > output then shows NOERROR?
>
> Doesn't matter, recursion is not available on the authoritative server
> anyway.
>
>
> Doug
>
> --
>
> ... and that's just a little bit of history repeating.
> -- Propellerheads
>
> Improve the effectiveness of your Internet presence with
> a domain name makeover! http://SupersetSolutions.com/
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
I would be asking operators of primary-dns.co.uk why they are
actively cache poisioning. They have not been delegated aaisp.net.uk
so they should not be serving aaisp.net.uk.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list