[bind10-dev] should b10-auth return CNAME chain?

Mark Andrews marka at isc.org
Mon Jan 24 10:50:50 UTC 2011


Returning just the CNAME and not what it points to prevents the
authoritative nameserver accidently poisioning caches which follow
such CNAME records.  This forces the cache to make a additional
lookup.

BIND 9 may yet stop following the chain internally when operating
in authoritative mode.  It's been proposed several times and not
been outright rejected.

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the bind10-dev mailing list