format error: CNAME response for DNSKEY RR
Mark Andrews
marka at isc.org
Thu Oct 4 01:00:15 UTC 2012
In message <alpine.LSU.2.00.1210031745360.4979 at hermes-1.csi.cam.ac.uk>, Tony Fi
nch writes:
> Why does named complain in this manner? I noticed this when wondering
> about validating stub resolvers which might query for DNSKEY and DS
> records without knowing where zone cuts are in order to reduce latency.
>
> 03-Oct-2012 17:44:47.571 resolver: notice:
> DNS format error from 212.72.49.3#53
> resolving www.bbc.co.uk/DNSKEY
> for client 127.0.0.1#48638:
> CNAME response for DNSKEY RR
It's fallout from the type code roll from KEY to DNSKEY. KEY can
exist beside CNAME so the CNAME is not followed for KEY, the same
is not supposed to be true for DNSKEY. I'll open a bug ticket for
this.
For reference see RFC 4035 Section 2.5
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list