Point domain name of my zone to name in somebody else's zone?
Kevin Darcy
kcd at chrysler.com
Fri May 9 22:47:48 UTC 2014
On 5/8/2014 5:13 PM, John Levine wrote:
>> DNSMadeEasy calls this an "ANAME" record, internally they just lookup
>> the destination's IP and cache it, updating it as needed.
>>
>> It works, but it would be nice if this could be done in DNS. Sadly, it
>> can't, and probably won't in our lifetimes.
> I do a similar thing in my DNS crudware, a pseudo-entry in the zone,
> every time the background update script runs, it does A and AAAA
> lookups and puts the results in the real zone, bumping the SOA serial
> if the result changed since last time. It's a crock, but one that we
> all seem to want.
>
> I suppose we could invent something like an AAAAANAME (that's A and
> AAAA name), that worked like a restricted CNAME and does an indirect
> lookup only for A or AAAA requests. Or overimplement it with a bitmap
> of the RR types to indirect for.
Or, a bitmap of the RR types to *not* indirect for, which
a) often if not usually will be a shorter list (even in the zone apex
case, you have 2 exclusions -- NS and SOA -- and typically 2 or more of
A/AAAA/MX/SPF/TXT as inclusions, potentially even more if the zone is
DNSSEC-signed), and
b) would automatically cover new RR types as they are defined
As an implementation detail, zone-loading logic could, if desired,
*automatically* set these bits based on what other record types with the
same owner name are explicitly defined in the zone file (on the
reasonable assumption that a data owner wouldn't explicitly define an
RRset in a zone file, only to have it be "hidden" forever by an
indirection record with the same owner name).
Of course, it's one thing to dream up a new RR type, quite another thing
to get it standardized via the IETF and then change the installed base
to actually recognize and use it. Also, during the (presumably long)
transition period, you'd have to use EDNS0 signalling or something
similar so that a server knows whether a client understands the new
record type or not. If the client doesn't understand the new type, you
need a fallback mechanism to cough up usable terminal-node records "the
old-fashioned way".
- Kevin
More information about the bind-users
mailing list