[dns-operations] CNAME into a delegated zone goes wrong.... any ideas?

Jeroen Massar jeroen at unfix.org
Sun Jun 12 22:15:31 UTC 2011

On 2011-06-13 00:11 , Steven Carr wrote:
> I'm not sure what you are expecting to see... the server has responded
> with what you have asked for in the +trace - when you do +trace
> recursion is disabled so it will never give you the "final" answer if
> you are expecting it to recurse, it will only give you what you have
> asked for, which in this case is the record for ntp.us.sixxs.net.

I agree, but why does 'dig' not go forward and ask nsX.sixxs.net for the
final answer then? Authoritive servers (eg the root ones) are not
recursive either, they also, just like the nsX.paphosting.net ones just
return a referral to the NS that does have the answer. the paphosting
NS's don't claim authority for ntp.sixxs.net thus it is not a final...

> Querying normally returns the correct list...

Yep, and I assume that that is because the google DNS servers are
non-BIND, as with unbound recursors it also works, but if I use anything
which builds upon BIND-based tech it fails...


More information about the dns-operations mailing list