CNAME Rules

Chuck Swiger cswiger at mac.com
Mon Jun 25 21:55:50 UTC 2012 

On Jun 25, 2012, at 2:34 PM, Srinivas Krishnan wrote:
> You are using a caching resolver to check the responses and you only see response after its been resolved by Google's DNS server.

The overwhelming majority of Internet users are using caching resolvers running at their ISP, employer, etc.  :-)

> Try dig @ns1.wordpress.comafter12.failblog.org. to see the actual records that you would receive if you were a DNS server performing an authoritative query to wordpress.
> 
> Is having a CNAME in the additional section regular CNAME chaining, my understanding was that additional sections do not contain CNAMEs. 

The wordpress nameserver is hoping to short-circuit a series of requests following the CNAME chain by including the data in the additional section:

% dig after12.failblog.org. @ns1.wordpress.com
[ ... ]
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27255
;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 6, ADDITIONAL: 7
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;after12.failblog.org.		IN	A

;; ANSWER SECTION:
after12.failblog.org.	3600	IN	CNAME	chzallnighter.wordpress.com.
vip-lb.wordpress.com.	300	IN	A	74.200.247.187
vip-lb.wordpress.com.	300	IN	A	74.200.247.59
vip-lb.wordpress.com.	300	IN	A	76.74.255.117
vip-lb.wordpress.com.	300	IN	A	72.233.104.123
vip-lb.wordpress.com.	300	IN	A	72.233.127.217
vip-lb.wordpress.com.	300	IN	A	76.74.255.123

;; AUTHORITY SECTION:
wordpress.com.		14400	IN	NS	ns1.wordpress.com.
wordpress.com.		14400	IN	NS	ns2.wordpress.com.
wordpress.com.		14400	IN	NS	ns3.wordpress.com.
wordpress.com.		14400	IN	NS	ns4.wordpress.com.
wordpress.com.		14400	IN	NS	ns5.wordpress.com.
wordpress.com.		14400	IN	NS	ns6.wordpress.com.

;; ADDITIONAL SECTION:
chzallnighter.wordpress.com. 300 IN	CNAME	vip-lb.wordpress.com.
ns1.wordpress.com.	14400	IN	A	72.233.69.14
ns2.wordpress.com.	14400	IN	A	76.74.159.137
ns3.wordpress.com.	14400	IN	A	64.34.177.159
ns4.wordpress.com.	14400	IN	A	72.233.104.98
ns5.wordpress.com.	14400	IN	A	69.174.248.140
ns6.wordpress.com.	14400	IN	A	64.34.174.135

A paranoid nameserver would discard the A records in the ANSWER section and the CNAME for ADDITIONAL SECTION as not matching the query, but then it would have to follow the CNAME and look those records up anyway...

Regards,
-- 
-Chuck

More information about the bind-users mailing list