[dns-operations] does anybody know why yahoo+akamai are doing this?
David Blacka
davidb at verisignlabs.com
Tue Mar 21 20:45:30 UTC 2006
On Mar 20, 2006, at 1:58 PM, Paul Vixie wrote:
> # > AA says that the *first* answer (CNAME) is authoritative. Any
> # > other records in the answer section may not be authoritative.
> #
> # Yes, I know that. What puzzled me was that it had www.yahoo.com
> # CNAME as authoritative data, yet not yahoo.com NS.
> #
> # I'm guessing that there is some sort of semi-obvious scenario here,
> # but I haven't been able to think of it, so I'm asking.
>
> the yahoo.com nameservers do not (thank the gods!) have fetch-glue
> enabled,
> and so they don't have any NS information for the target of the
> nonterminal
> CNAME chain they're returning. RFC1034 implies that whatever is
> the closest
> zone cut to this nonterminal CNAME target, should go into the
> authority
> section.
Ok, this makes sense, and I'm not sure why I didn't get this in the
first place.
I'm not sure that the word "implies" is correct, however, since a
literal reading of the algorithm in 1034 section 4.3.2 directly leads
to adding the closest zone cut to the target being added.
--
David Blacka <davidb at verisignlabs.com>
Sr. Engineer VeriSign Applied Research
More information about the dns-operations
mailing list