[dns-operations] DNAME interoperability
Mark Andrews
marka at isc.org
Wed Nov 30 23:26:00 UTC 2011
In message <1322643956.5554.4.camel at jhorne.csd.plymouth.ac.uk>, John Horne writes:
> On Wed, 2011-11-30 at 09:52 +0100, Phil Regnauld wrote:
> > John Horne (john.horne) writes:
> > > On Tue, 2011-11-29 at 18:36 +0000, Tony Finch wrote:
> > > > Possibly of interest to this list, I've posted an article on my blog
> > > > describing a couple of DNAME interoperability problems that we have
> > > > encountered. Has anyone else seen anything similar?
> > > >
> > > > http://fanf.livejournal.com/116744.html
> > > >
> > > Hello,
> > >
> > > A few years ago we used the DNAME record for our old short-name of
> > > 'plym.ac.uk' pointing to the long-name of 'plymouth.ac.uk'. However, we
> > > found that Microsoft 2003 DNS servers did not recognise DNAME, so we had
> > > to abandon that. A quick check indicates that 2008 MS DNS does now
> > > support DNAME.
> >
> > Many organizations still don't run 2008 DNS. When you say "Microsoft 2003
> > DNS servers", do you mean "recursive/caching servers don't understand the
> > DNAME RRtype", or "authoritative servers don't support/offer the DNAME
> > RRtype [as master or slave]", or both ?
> >
> > Cheers,
> > Phil
> >
> Both.
They don't have to understand it. They just have to not choke on
it. It was always exected that non DNAME aware servers / libraries
would just ignore the DNAME record in the response.
Overloading DO=1 to also indicate DNAME support is a possibility.
DNSSEC aware client should be expecting DNAME record as DNAME'
understanding is a requirement for them.
It's about a 2 minutes work to stop named emiting a DNAME without
DO being set on normal queries. I suspect that it would be similar
for other nameservers.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the dns-operations
mailing list