Referencing by cname from one authoritative zone to another authoritative zone
大浦 義
oourat at sandi.co.jp
Thu Oct 3 09:21:16 UTC 2024
Thanks
・9.9.4→OK
# dig @ns1.bbb.co.jp time1.aaa.ne.jp
; <<>> DiG 9.18.28 <<>> @ns1.bbb.co.jp time1.aaa.ne.jp
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45310
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 2
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;time1.aaa.ne.jp. IN A
;; ANSWER SECTION:
time1.aaa.ne.jp. 3600 IN CNAME ns2.bbb.co.jp.
ns2.bbb.co.jp. 900 IN A 1.2.3.5
;; AUTHORITY SECTION:
bbb.co.jp. 900 IN NS ns6-tk02.ccc.ad.jp.
bbb.co.jp. 900 IN NS ns2.bbb.co.jp.
bbb.co.jp. 900 IN NS ns1.bbb.co.jp.
;; ADDITIONAL SECTION:
ns1.bbb.co.jp. 900 IN A 1.2.3.4
;; Query time: 5 msec
;; SERVER: 1.2.3.5#53(ns1.bbb.co.jp) (UDP)
;; WHEN: Thu Oct 03 18:13:02 JST 2024
;; MSG SIZE rcvd: 167
・9.18.28→NG
# dig @ns1-2024.bbb.co.jp time1.aaa.ne.jp
; <<>> DiG 9.18.28 <<>> @ns1-2024.bbb.co.jp time1.aaa.ne.jp
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4331
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 386177ce244122bb0100000066fe60f41e1c4a3d91cfea89 (good)
;; QUESTION SECTION:
;time1.aaa.ne.jp. IN A
;; ANSWER SECTION:
time1.aaa.ne.jp. 3600 IN CNAME ns2.bbb.co.jp.
;; Query time: 6 msec
;; SERVER: 1.2.3.14#53(ns1-2024.bbb.co.jp) (UDP)
;; WHEN: Thu Oct 03 18:16:36 JST 2024
;; MSG SIZE rcvd: 103
-----Original Message-----
From: bind-users <bind-users-bounces at lists.isc.org> On Behalf Of Matus UHLAR - fantomas
Sent: Thursday, October 3, 2024 5:58 PM
To: bind-users at lists.isc.org
Subject: Re: Referencing by cname from one authoritative zone to another authoritative zone
On 03.10.24 08:40, 大浦 義 wrote:
>Referencing by cname from one authoritative zone to another authoritative zone may not work properly depending on the version.
>Is this due to a specification change? Is there a way to handle this?
>I am running nslookup from a client that is not included in acl respectively.
>I would like to make the NG part become OK.
>
>--
>One Server Has Two Zone.
>aaa.ne.jp & bbb.co.jp
>
>・aaa.ne.jp
>time1 CNAME ns2.bbb.co.jp.
>time2 CNAME ns1.bbb.co.jp.
>
>・bbb.co.jp
>ns1 A 1.2.3.4
>ns2 A 1.2.3.5
>time CNAME ns2
>
>・Bind9.9.4→OK
>>nslookup time2.aaa.ne.jp
>名前: ns1.bbb.co.jp
>Address: 1.2.3.4
>Aliases: time2.aaa.ne.jp
>
>・Bind9.18.28→NG
>>nslookup time2.aaa.ne.jp
>名前: ns1.bbb.co.jp
nslookup is NOT a good tool to resolve DNS problems. Use "dig" instead.
dig time2.aaa.ne.jp @"IP of Bind9.9.4"
dig time2.aaa.ne.jp @"IP of Bind9.18.28"
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
BSE = Mad Cow Desease ... BSA = Mad Software Producents Desease
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list