Forwarding DNS Server can not resolved alias records(CNAME)?

Kevin Darcy kcd at chrysler.com
Fri Jun 25 21:29:31 UTC 2010 

Note that the name "218.246.85.101" -- which is the target of the 
"www.01cool.com" alias -- does not exist in the Internet DNS.

I don't what kind of DNS implementation/configuration is running on 
211.99.204.77, but it seems to be returning SERVFAIL for *any* recursive 
query outside of its authoritative zones:

dig cnn.com @211.99.204.77

; <<>> DiG 9.3.0 <<>> cnn.com @211.99.204.77
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 800
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;cnn.com.                       IN      A

which would, of course, include the aforementioned name "218.246.85.101".

For non-recursive queries outside of its authoritative zones, it gives a 
root referral, which is reasonable.

I guess that crippling one's nameserver in this way is marginally better 
than being an open recursor, but not by much...


                                                                         
                                     - Kevin

On 6/25/2010 7:02 AM, ShanyiWan wrote:
> Forwarding DNS Server can not resolved alias records(CNAME)?
>
> here:
>
> 211.99.204.77   Forwarding DNS
>
> Master Zone (another ip address)
>
> [root at flyinweb data]# vi 01cool.com.dom
>
> $TTL 7200       ; 2 hours
> @    IN  SOA  ns1.mymaster.com. root.mymaster.com. (
>                  5; serial
>                  10800; refresh
>                  3600; retry
>                  604800; expire
>                  86400; mininum
>                  )
>          NS      ns1.mymaster.com.
>          NS      ns2.mymaster.com.
>          MX      10 mail.01cool.com.
> @       A       218.246.85.101
> mail    A       218.246.85.199
> www     CNAME   218.246.85.101.
> www1    CNAME   517sou.net.
>
> A Record is correct,but CNAME Record is incorrect!
>
> [root at flyinweb data]# dig @211.99.204.77 01cool.com
>
> ;<<>>  DiG 9.7.0-P2<<>>  @211.99.204.77 01cool.com
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17293
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
>
> ;; QUESTION SECTION:
> ;01cool.com.                    IN      A
>
> ;; ANSWER SECTION:
> 01cool.com.             7200    IN      A       218.246.85.101
>
> ;; AUTHORITY SECTION:
> 01cool.com.             7200    IN      NS      ns1.cnolnic.com.
> 01cool.com.             7200    IN      NS      ns2.cnolnic.com.
>
> ;; ADDITIONAL SECTION:
> ns2.cnolnic.com.        6523    IN      A       59.151.23.112
>
> ;; Query time: 108 msec
> ;; SERVER: 211.99.204.77#53(211.99.204.77)
> ;; WHEN: Fri Jun 25 19:00:35 2010
> ;; MSG SIZE  rcvd: 104
>
> [root at flyinweb ~]# dig @211.99.204.77 www.01cool.com
>
> ;<<>>  DiG 9.7.0-P2<<>>  @211.99.204.77 www.01cool.com
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 25575
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.01cool.com.                        IN      A
>
> ;; Query time: 108 msec
> ;; SERVER: 211.99.204.77#53(211.99.204.77)
> ;; WHEN: Fri Jun 25 18:57:27 2010
> ;; MSG SIZE  rcvd: 32
> ~
> --------------
> ShanyiWan
> 2010-06-25
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
>

More information about the bind-users mailing list