bind-9.7.2 not forward CNAMEDed domain names

Drunkard Zhang gongfan193 at
Tue Feb 22 10:06:48 UTC 2011

>>>> The upstream DNS server did responsed correctly, by
>>>> analysis via tcpdump.  But why bind didn't use THE RESPONSE, but
>>>> resolves again from root-servers.
>>> Unfortunately, the information provided by must be
>>> discarded because that is server is not authoritative for
>>> From your resolver's perspective, it is a totally unrelated domain
>>> name.
>> Thanks! So bind can accept second hand answer, but won't accept third
>> hand (or more) answer?
> It shouldn't accept the second CNAME, either.  Are you sure that it
> does?  It's probably the same globally, so it's not visible from the
> cache contents.
Yes, from the capture it just didn't accept the last CNAME.

My capture command: tcpdump -s 0 -nnnvvv -w`date +%Y%m%d`.pcap
udp port 53

17:59:36 ~ $ dig +nocmd @ +multiline
+noall +answer	215 IN CNAME 325 IN CNAME 368 IN	A

but bind just resolved again.

More information about the bind-users mailing list