[dns-operations] CNAME points to itself

Paul Vixie paul at redbarn.org
Tue Jul 5 16:30:42 UTC 2016

"CNAME chains should be followed and CNAME loops signalled as an error." 
(RFC 1034, page 15).

that signaling is done at follow-time, which is not in the authority server.


Stephane Bortzmeyer wrote:
> On Tue, Jul 05, 2016 at 02:48:20PM +0800,
>   yhpeng at orange.fr<yhpeng at orange.fr>  wrote
>   a message of 16 lines which said:
>> I have found that CNAME can be setup to point to itself (at least in BIND9
>> it can be).
>> www.itest.com.          300     IN      CNAME   www.itest.com.
>> should this be disabled?
> It wouldn't help, a rogue DNS zone operator could always run a
> modified version (or simply another server) allowing this. A DNS
> resolver MUST defend itself against the possibility of infinite
> recursion
> <https://indico.dns-oarc.net/event/21/contribution/11/material/slides/0.pdf>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

P Vixie

More information about the dns-operations mailing list