/dev/rob0 rob0 at
Tue Sep 18 15:04:08 UTC 2012

On Tue, Sep 18, 2012 at 10:43:47AM -0400, M. Meadows wrote:
> And as you point out it has a cname at the apex ... which I thought 
> was not allowed.

named will not accept it, and indeed, it is a violation of DNS 
standards. Other DNS implementations might allow it, however.

> Isn't it true that a cname record can't co-exist with any other 
> record in a zone file?

Sort of. A CNAME record in a signed zone will have its RRSIG and 
NSEC or NSEC3 of the same name. Otherwise, no other RR types can 
share the same name.

And a minor, but increasingly significant bit of pedantry: let's 
discuss zone *data* not zone *files.* Zone data can be in a journal 
or DLZ database, for example. As DNSSEC gains momentum, it is 
possible that manual editing of zone files will be replaced by 
nsupdate(8) and dynamic zones.

> So if the soa record in the zone file is for 
> ... how does the cname record get defined and loaded successfully?

I'd guess this is served by something other than BIND named.
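
The coexistence rule discussed in this message, as an added example that is not part of the original post: a Python check over constructed zone data that flags any owner name where a CNAME shares the name with a type other than the RRSIG, NSEC or NSEC3 the reply lists. The zone `example.test.`, the function names and the simplified one-record-per-line format are assumptions; an apex CNAME is always flagged because the apex also carries SOA and NS.

```python
from collections import defaultdict

# Types the reply lists as sharing an owner name with a CNAME in a signed zone.
ALLOWED_WITH_CNAME = {"RRSIG", "NSEC", "NSEC3"}

# Constructed sample data (hypothetical zone, documentation addresses).
SAMPLE_ZONE = """
@     3600 IN SOA   ns1 hostmaster 1 7200 900 1209600 3600
@     3600 IN NS    ns1
@     3600 IN CNAME target.example.net.  ; apex CNAME next to SOA and NS
ns1   3600 IN A     192.0.2.1
www   3600 IN CNAME web
www   3600 IN RRSIG CNAME 8 3 3600       ; rest of rdata omitted in this sample
www   3600 IN NSEC  zzz CNAME RRSIG NSEC
web   3600 IN A     192.0.2.10
mail       IN CNAME web
mail       IN MX    10 web
"""

def parse_records(text, origin):
    """Return (owner, type) pairs from simplified 'owner [ttl] [IN] type rdata' lines."""
    origin = origin.lower()
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, then tokenize
        if len(fields) < 2:
            continue
        owner, rest = fields[0].lower(), fields[1:]
        while len(rest) > 1 and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]  # skip optional TTL and class
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"
        records.append((owner, rest[0].upper()))
    return records

def cname_conflicts(records):
    """Map each owner name holding a CNAME to the types that may not share it."""
    types_at = defaultdict(set)
    for owner, rtype in records:
        types_at[owner].add(rtype)
    return {owner: sorted(types - {"CNAME"} - ALLOWED_WITH_CNAME)
            for owner, types in types_at.items()
            if "CNAME" in types and types - {"CNAME"} - ALLOWED_WITH_CNAME}

if __name__ == "__main__":
    for name, clash in cname_conflicts(parse_records(SAMPLE_ZONE, "example.test.")).items():
        print(f"{name}: CNAME cannot coexist with {', '.join(clash)}")
```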
