about a query
Terry.
terry at list.dnsbed.com
Tue Feb 22 01:44:48 UTC 2011
Thanks a lot Chris.
2011/2/21 Chris Buxton <chris.p.buxton at gmail.com>:
> That depends on the implementation. Really old versions of BIND would
> have accepted the A record. However, it's not in-bailiwick, so any
> name server that would accept it is very likely vulnerable to cache
> poisoning.
>
> Current versions of BIND (probably stretching back to somewhere in the
> 8.2 series) will disregard it and resolve it separately.
>
> Chris Buxton
> BlueCat Networks
>
>
> On 2/21/11, Terry. <terry at list.dnsbed.com> wrote:
>> Hello,
>>
>> Please see the dig info below. ns1.dns-diy.com is the auth-server of
>> duowan.com domain.
>> My question is, when ns1.dns-diy.com answer with a CNAME for
>> "udb.duowan.com", and the answer also include an A RR for that alias,
>> how will the public DNS cache servers handle this answer?
>> Will the DNS cache use this A RR as result directly, or they make a
>> new request for the alias domain name udb.duowan.blogchina.org and
>> find the result?
>>
>> Thanks!
>>
>> $ dig udb.duowan.com +trace
>>
>> ; <<>> DiG 9.4.2-P2 <<>> udb.duowan.com +trace
>> ;; global options: printcmd
>> . 108212 IN NS d.root-servers.net.
>> . 108212 IN NS e.root-servers.net.
>> . 108212 IN NS m.root-servers.net.
>> . 108212 IN NS b.root-servers.net.
>> . 108212 IN NS g.root-servers.net.
>> . 108212 IN NS l.root-servers.net.
>> . 108212 IN NS c.root-servers.net.
>> . 108212 IN NS i.root-servers.net.
>> . 108212 IN NS k.root-servers.net.
>> . 108212 IN NS a.root-servers.net.
>> . 108212 IN NS j.root-servers.net.
>> . 108212 IN NS h.root-servers.net.
>> . 108212 IN NS f.root-servers.net.
>> ;; Received 512 bytes from 202.96.128.86#53(202.96.128.86) in 4 ms
>>
>> com. 172800 IN NS h.gtld-servers.net.
>> com. 172800 IN NS g.gtld-servers.net.
>> com. 172800 IN NS e.gtld-servers.net.
>> com. 172800 IN NS c.gtld-servers.net.
>> com. 172800 IN NS d.gtld-servers.net.
>> com. 172800 IN NS a.gtld-servers.net.
>> com. 172800 IN NS l.gtld-servers.net.
>> com. 172800 IN NS f.gtld-servers.net.
>> com. 172800 IN NS k.gtld-servers.net.
>> com. 172800 IN NS b.gtld-servers.net.
>> com. 172800 IN NS i.gtld-servers.net.
>> com. 172800 IN NS m.gtld-servers.net.
>> com. 172800 IN NS j.gtld-servers.net.
>> ;; Received 492 bytes from 128.8.10.90#53(d.root-servers.net) in 340 ms
>>
>> duowan.com. 172800 IN NS ns1.dns-diy.com.
>> duowan.com. 172800 IN NS ns2.dns-diy.com.
>> ;; Received 204 bytes from 192.35.51.30#53(f.gtld-servers.net) in 300 ms
>>
>> udb.duowan.com. 90000 IN CNAME udb.duowan.blogchina.org.
>> udb.duowan.blogchina.org. 5 IN A 64.38.63.4
>> ;; Received 86 bytes from 218.85.139.33#53(ns1.dns-diy.com) in 19 ms
>>
>> --
>> Free SmartDNS Hosting:
>> http://DNSbed.com/
>> _______________________________________________
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>
> --
> Sent from my mobile device
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
--
Free SmartDNS Hosting:
http://DNSbed.com/
More information about the bind-users
mailing list