need clarification on "forward" behavior

Veaceslav Revutchi slavarevutchi at gmail.com
Thu Oct 6 23:08:16 UTC 2016


Hi, I have a statement in my recursive resolver (rr-server) similar to this:

zone "example.org" { type forward; forward only; forwarders {
10.64.1.1; 10.64.1.2; } ; };

When clients ask for "aaa.example.org" I would expect it to send the
same query to one of the IPs above and return the answer to the
client. I see the server forwarding the query and it gets the answer
below:

rr-server:~$ dig @10.64.1.1 aaa.example.org

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;;
;; ANSWER SECTION:
aaa.example.org. 200 IN CNAME bbb.example.net.
bbb.example.net. 60 IN A 10.64.64.64

I would expect the server to return "10.64.64.64" to the client.
Instead it recurses over "bbb.example.net" which comes back with a
different "A" record from an external server and returns that IP to
the client unless I add a forward for "example.net" also. Is this how
it's supposed to work?

I'm running: BIND 9.9.4-RedHat-9.9.4-29.el7_2.3

Thank you,
Slava


More information about the bind-users mailing list