recursive queries?
Tom K.
klout at gmx.net
Tue Nov 12 09:09:52 UTC 2002
On 11 Nov 2002 20:17:32 -0000, Kevin Darcy <kcd at daimlerchrysler.com> wrote:
>This is probably because of external aliases. If you have a CNAME pointing to
>a name in a zone you don't control, then when you get a query for that name,
>named will internally "attempt" to fetch the data for the CNAME target, but
>when it realizes that it would have to recurse to get the data, it logs it as
>an unsuccessful recursion attempt.
>
>Also, I think there are some broken/lazy resolvers out there which will
>automatically send a query for the CNAME target to the same place they just
>got the CNAME, regardless of whether it has any reason to believe the server
>is authoritative for that data. This might be a misguided attempt at
>optimization: I say "misguided" because if the responding server was
>authoritative for the CNAME target, it probably would have returned it in the
>original response (and the percentage of cases where this would push the
>response over the 512-byte UDP limit is undoubtedly very low).
>
Thanks Kevin,
that makes sense to me. But I found another explanation. I talked to an MS
Expert today and he told me that newer versions of IE do also reverse
queries which could also lead to the recursive queries. So if someone who
is not our customer uses our DNS, will also get an recursive query denied.
regards,
Tom
More information about the bind-users
mailing list