[dns-operations] 答复: DNS forwarder behavior on response with cname

Mukund Sivaraman muks at mukund.org
Fri Dec 7 12:46:37 UTC 2018


On Fri, Dec 07, 2018 at 06:12:23PM +0800, Davey Song(宋林健) wrote:
> Thanks Mukund. I will look into that document. 
> 
> But I'm not convinced by the txt you quote. Because the forwarder or
> proxy most probably receive records from the cache of the upstream
> resolver. I mean the AD bit will never set in the response received by
> the forwarder from upstream resolver. How a forwarder is expected to
> receive a authoritative answers from authoritative server. In my test
> case, the local resolver receive 2 cname records and one A record from
> 114.114.114.114. It query again to 114.114.114.114 for A query of the
> cname. It makes no sense.

This is probably due to code that doesn't mark the cacheable parts any
differently in the forwarder case. What brand of resolver are you using?

In the case of BIND, this marking code has changed recently so I have to
look.. but IIRC it only marks the CNAME RR matching the query as
cachable among the answer message contents. It could be tweaked for the
forwarder case.

		Mukund


More information about the dns-operations mailing list