shrin.krishnan at gmail.com
Mon Jun 25 22:00:17 UTC 2012
I am talking from the point of view of a DNS server not a client resolver. Anyways note that the entire CNAME chain is from the same wordpress zone, so the chain should be followed without requiring an additional query and there is no need for trying to short circuit the process by adding it into the Additional section. Am I wrong ?
On Monday, June 25, 2012 5:55:50 PM UTC-4, Chuck Swiger wrote:
> On Jun 25, 2012, at 2:34 PM, Srinivas Krishnan wrote:
> > You are using a caching resolver to check the responses and you only see response after its been resolved by Google's DNS server.
> The overwhelming majority of Internet users are using caching resolvers running at their ISP, employer, etc. :-)
> > Try dig @ns1.wordpress.comafter12.failblog.org. to see the actual records that you would receive if you were a DNS server performing an authoritative query to wordpress.
> > Is having a CNAME in the additional section regular CNAME chaining, my understanding was that additional sections do not contain CNAMEs.
> The wordpress nameserver is hoping to short-circuit a series of requests following the CNAME chain by including the data in the additional section:
> % dig after12.failblog.org. @ns1.wordpress.com
> [ ... ]
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27255
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 6, ADDITIONAL: 7
> ;; WARNING: recursion requested but not available
> ;; QUESTION SECTION:
> ;after12.failblog.org. IN A
> ;; ANSWER SECTION:
> after12.failblog.org. 3600 IN CNAME chzallnighter.wordpress.com.
> vip-lb.wordpress.com. 300 IN A 220.127.116.11
> vip-lb.wordpress.com. 300 IN A 18.104.22.168
> vip-lb.wordpress.com. 300 IN A 22.214.171.124
> vip-lb.wordpress.com. 300 IN A 126.96.36.199
> vip-lb.wordpress.com. 300 IN A 188.8.131.52
> vip-lb.wordpress.com. 300 IN A 184.108.40.206
> ;; AUTHORITY SECTION:
> wordpress.com. 14400 IN NS ns1.wordpress.com.
> wordpress.com. 14400 IN NS ns2.wordpress.com.
> wordpress.com. 14400 IN NS ns3.wordpress.com.
> wordpress.com. 14400 IN NS ns4.wordpress.com.
> wordpress.com. 14400 IN NS ns5.wordpress.com.
> wordpress.com. 14400 IN NS ns6.wordpress.com.
> ;; ADDITIONAL SECTION:
> chzallnighter.wordpress.com. 300 IN CNAME vip-lb.wordpress.com.
> ns1.wordpress.com. 14400 IN A 220.127.116.11
> ns2.wordpress.com. 14400 IN A 18.104.22.168
> ns3.wordpress.com. 14400 IN A 22.214.171.124
> ns4.wordpress.com. 14400 IN A 126.96.36.199
> ns5.wordpress.com. 14400 IN A 188.8.131.52
> ns6.wordpress.com. 14400 IN A 184.108.40.206
> A paranoid nameserver would discard the A records in the ANSWER section and the CNAME for ADDITIONAL SECTION as not matching the query, but then it would have to follow the CNAME and look those records up anyway...
More information about the bind-users