[dns-operations] NS records pointing to names with CNAME records

Mark Andrews marka at isc.org
Thu Jun 25 03:41:32 UTC 2009

In message <d791b8790906241456q2100719es8347396b66e90d27 at mail.gmail.com>, Matth
ew Dempsky writes:
> Does anyone have any knowledge of how well currently deployed DNS
> caches handle NS records pointing to names with CNAME records?

	named fails them deliberately because they cannot work
	at the theoretical level for all delegation.  You need
	to change the additional section processing rules for
	them to work.

>  I know
> the relevant RFCs warn that zones should not be configured this way
> because older caches may have problems with them, but they also warn
> against CNAME chains (which are commonly used), and looking at my
> DNSTrust logs, I discovered a handful of zones configured this way,
> including one ccTLD (.mm).
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the dns-operations mailing list