bind-9.7.2 not forward CNAMEDed domain names
Drunkard Zhang
gongfan193 at gmail.com
Tue Feb 22 10:06:48 UTC 2011
>>>> The upstream DNS server 211.161.192.1 did responsed correctly, by
>>>> analysis via tcpdump. But why bind didn't use THE RESPONSE, but
>>>> resolves again from root-servers.
>>>
>>> Unfortunately, the information provided by 211.161.192.1 must be
>>> discarded because that is server is not authoritative for cachecn.com.
>>> From your resolver's perspective, it is a totally unrelated domain
>>> name.
>>>
>> Thanks! So bind can accept second hand answer, but won't accept third
>> hand (or more) answer?
>
> It shouldn't accept the second CNAME, either. Are you sure that it
> does? It's probably the same globally, so it's not visible from the
> cache contents.
>
Yes, from the capture it just didn't accept the last CNAME.
My capture command: tcpdump -s 0 -nnnvvv -w 360.cn-`date +%Y%m%d`.pcap
udp port 53
17:59:36 ~ $ dig +nocmd speedtest.360.cn @211.161.192.1 +multiline
+noall +answer
speedtest.360.cn. 215 IN CNAME speedtest.360.cn.cloudcdn.net.
speedtest.360.cn.cloudcdn.net. 325 IN CNAME cloud010005.cachecn.com.
cloud010005.cachecn.com. 368 IN A 61.155.141.28
but bind just resolved cloud010005.cachecn.com again.
More information about the bind-users
mailing list