Problem with powerdns(master) -> bind(slave)

Paul Vixie Paul_Vixie at isc.org
Tue Jan 22 14:05:42 UTC 2008


Stephane Bortzmeyer <bortzmeyer at nic.fr> writes:

> > You can't mix a CNAME with other data.  
> 
> Other persons said so but it should be noted that it is no longer
> completely true. RFC 4034 (published in march 2005) says:
> 
>    Because every authoritative RRset in a zone must be protected by a
>    digital signature, RRSIG RRs must be present for names containing a
>    CNAME RR.  This is a change to the traditional DNS specification
>    [RFC1034], which stated that if a CNAME is present for a name, it is
>    the only type allowed at that name. 
> 
> Mixing CNAME and A is still forbidden but you cannot say "Never use
> CNAME with other types" any more.

in this sense the rrsig rr sharing a node with a cname rr, and the ds rr
sharing a node with a zone-bottom ns rr, should be thought of as metadata
attached to those rrsets, rather than as data in their own right.
-- 
Paul Vixie



More information about the bind-users mailing list