dot at dotat.at
Thu Jun 6 19:04:55 UTC 2013
Vernon Schryver <vjs at rhyolite.com> wrote:
> About chasing CNAMEs safely or otherwise, please recall the somewhat
> controversial DontExpandCnames. The current cf/README says:
> confDONT_EXPAND_CNAMES DontExpandCnames
> [False] If set, $[ ... $] lookups that
> do DNS based lookups do not expand
> CNAME records. This currently violates
> the published standards, but the IETF
> seems to be moving toward legalizing
> this. For example, if "FTP.Foo.ORG"
> is a CNAME for "Cruft.Foo.ORG", then
> with this option set a lookup of
> "FTP" will return "FTP.Foo.ORG"; if
> clear it returns "Cruft.FOO.ORG". N.B.
> you may not see any effect until your
> downstream neighbors stop doing CNAME
> lookups as well.
That sounds like it was written about 15 years ago when the DRUMS working
group was active. "This currently violates the published standards" refers
to RFC 1123, and the mail-related parts of that were obsoleted by RFC 2821
and then RFC 5321 which allow non-canonical domains (and in fact did right
from the first draft of November 1995).
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.
More information about the bind-users