CNAME Issue - Whether to use CNAME-data or Response-Flag

Steven Wilmot steven at data-utilities.co.uk
Wed Apr 14 12:54:07 UTC 2010


At the top of this post I'd first like to thank Jonathan for a great reply
(which for some reason never seemed to make it onto the usenet mirror of
this group.) - exactly what I was hoping for.

S.

----

On 10 April 2010 4:26 AM, Jonathan de Boyne Pollard wrote

>>> What I am hoping is that somebody might be able to help point me in the
direction of an RFC or 
>>> specification document that might explain the "PROPER" response.

JdBP >> It's RFC 2308 §2.1 <http://tools.ietf.org./html/rfc2308#section-2.1>
, and the proper interpretation of the 
JdBP >> responses that you are seeing from 81.187.81.32 and 81.187.30.41 is
exactly as per 
JdBP >> the Type 1 example given in that section of the RFC:

[...]

JdBP >> Ignore all of the wittering about cache poisoning, by the way.  It's
nonsense.  
JdBP >> Bailiwick is entirely in the eye of the beholder, so content DNS
servers are not required to tailor their responses to it.  [...]

Time for me to study the RFCs in detail I think ...

JdBP >> The problem is why Microsoft's DNS server is getting this wrong.
[...]
JdBP >> The bad news is that you're not going to find this out from the BIND
User's mailing list. 

But perhaps the BIND group will help describe "what it should be doing
right" ... (And it seems that thanks to your post, I've found just the RFC)

JdBP >> It is not where experts on Microsoft's DNS server generally hang
out, 
JdBP >> as you've probably noticed if you've read any of the back messages
before posting 
JdBP >> (as you should have
<http://homepage.ntlworld.com./jonathan.deboynepollard/FGA/read-the-back-mes
sages.html> ). 

Oops - my mistake - Although I did read a FEW messages, I probable should
have scanned through the archives a bit more before posting.

JdBP >> Post to the microsoft.public.windows.server.dns newsgroup, and
knowledgeable people there such as Ace Fekay and others will 
JdBP >> show you how to configure Microsoft's DNS server to log the details
of its query resolution [...]

I had originally tried the Microsoft Technet forums (e.g.
http://social.technet.microsoft.com/Forums/en-GB/winserverNIS/thread/53f0798
2-01d4-4c62-b877-9f84f7095cb0) , and suppose that I could also have tried
the Microsoft DNS-newgroup aswell..

However, by this time I had already raised a full "support incident" with
Microsoft (after already having captured a number of logs, query-lookups,
and network-traces, including those from BIND) so it seemed a bit redundant
to post in a Microsoft newsgroup.

JdBP >> By the way, this part of RFC 2308 is a sore point. A lot of content
DNS servers get the RFC 1034 algorithm wrong when publishing alias chains,
most notably djbdns [...]

All good points. 

Steven.




More information about the bind-users mailing list