[dns-operations] does anybody know why yahoo+akamai are doing this?

Paul Vixie paul at vix.com
Wed Mar 22 21:16:55 UTC 2006


# As one of the DNS admins for Yahoo!, I'd like to make sure that we 
# aren't actually doing anything wrong.
# ...
# Am I summing up the situation correctly?

yes.  but another thing you can do, probably more usefully, is to set up
a "stub" zone (assuming you're running bind8 or bind9) for the zone that
the cname is pointing into (yahoo.akadns.net).  this would actually meet
the intent of RFC 1034 which is that a recursor who has to follow your
out-of-zone CNAME will get a hint from you as to where they can find it.
of course, most modern recursors will ignore your hint since you're not
the authority it would go to for those NS RRs and they don't want to be
sent on a wild goose chase, have their cache poisoned, or whatever.  but
you could meet the intent of RFC1034 with a "stub" zone, or you could
work around this somewhat bizarre implication of RFC1034 by deleting your
"hint" zone.  (note to the lurkers... don't delete your "hint" zone if
you're also recursive... but don't be also recursive, if you can avoid it.)



More information about the dns-operations mailing list