Referencing by cname from one authoritative zone to another authoritative zone

Fri Oct 4 00:34:38 UTC 2024

Dear.

・9.9.4
Master
ns0.bbb.co.jp
Slave
ns1.bbb.co.jp
ns2.bbb.co.jp

・9.18.28
Master
ns0-2024.bbb.co.jp
Slave
ns1-2024.bbb.co.jp
ns2-2024.bbb.co.jp

# dig @ns1-2024.bbb.co.jp ns2.bbb.co.jp.

; <<>> DiG 9.18.28 <<>> @ns1-2024.bbb.co.jp ns2.bbb.co.jp.
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12653
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 86a5aef292eec6700100000066ff3765baf0fbd3340da90b (good)
;; QUESTION SECTION:
;ns2.bbb.co.jp.              IN      A

;; ANSWER SECTION:
ns2.bbb.co.jp.       900     IN      A       1.2.3.5

;; Query time: 6 msec
;; SERVER: 1.2.3.14#53(ns1-2024.bbb.co.jp) (UDP)
;; WHEN: Fri Oct 04 09:31:33 JST 2024
;; MSG SIZE  rcvd: 89

-----Original Message-----
From: bind-users <bind-users-bounces at lists.isc.org> On Behalf Of Matus UHLAR - fantomas
Sent: Thursday, October 3, 2024 6:50 PM
To: bind-users at lists.isc.org
Subject: Re: Referencing by cname from one authoritative zone to another authoritative zone

On 03.10.24 09:21, 大浦 義 wrote:
>・9.9.4→OK
># dig @ns1.bbb.co.jp time1.aaa.ne.jp

>;; ANSWER SECTION:
>time1.aaa.ne.jp.       3600    IN      CNAME   ns2.bbb.co.jp.
>ns2.bbb.co.jp.       900     IN      A       1.2.3.5
>
>;; AUTHORITY SECTION:
>bbb.co.jp.           900     IN      NS      ns6-tk02.ccc.ad.jp.
>bbb.co.jp.           900     IN      NS      ns2.bbb.co.jp.
>bbb.co.jp.           900     IN      NS      ns1.bbb.co.jp.
>
>;; ADDITIONAL SECTION:
>ns1.bbb.co.jp.       900     IN      A       1.2.3.4

>・9.18.28→NG
># dig @ns1-2024.bbb.co.jp time1.aaa.ne.jp

>;; ANSWER SECTION:
>time1.aaa.ne.jp.       3600    IN      CNAME   ns2.bbb.co.jp.

Now do:
dig @ns1-2024.bbb.co.jp ns2.bbb.co.jp.

what records does ns2.bbb.co.jp. have on ns1-2024.bbb.co.jp ?

>On 03.10.24 08:40, 大浦 義 wrote:
>>Referencing by cname from one authoritative zone to another authoritative zone may not work properly depending on the version.
>>Is this due to a specification change? Is there a way to handle this?
>>I am running nslookup from a client that is not included in acl respectively.
>>I would like to make the NG part become OK.
>>
>>--
>>One Server Has Two Zone.
>>aaa.ne.jp & bbb.co.jp
>>
>>・aaa.ne.jp
>>time1			CNAME	ns2.bbb.co.jp.
>>time2			CNAME	ns1.bbb.co.jp.
>>
>>・bbb.co.jp
>>ns1			A	1.2.3.4
>>ns2			A	1.2.3.5
>>time		CNAME	ns2
>>
>>・Bind9.9.4→OK
>>>nslookup time2.aaa.ne.jp
>>名前:    ns1.bbb.co.jp
>>Address:  1.2.3.4
>>Aliases:  time2.aaa.ne.jp
>>
>>・Bind9.18.28→NG
>>>nslookup time2.aaa.ne.jp
>>名前:    ns1.bbb.co.jp
>
>nslookup is NOT a good tool to resolve DNS problems.  Use "dig" instead.
>
>
>dig time2.aaa.ne.jp @"IP of Bind9.9.4"
>
>
>dig time2.aaa.ne.jp @"IP of Bind9.18.28"

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
How does cat play with mouse? cat /dev/mouse
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users