That depends on the implementation. Really old versions of BIND would have accepted the A record. However, it's not in-bailiwick, so any name server that would accept it is very likely vulnerable to cache poisoning.
Current versions of BIND (probably stretching back to somewhere in the 8.2 series) will disregard it and resolve it separately. Chris Buxton BlueCat Networks On 2/21/11, Terry. <te...@list.dnsbed.com> wrote: > Hello, > > Please see the dig info below. ns1.dns-diy.com is the auth-server of > duowan.com domain. > My question is, when ns1.dns-diy.com answer with a CNAME for > "udb.duowan.com", and the answer also include an A RR for that alias, > how will the public DNS cache servers handle this answer? > Will the DNS cache use this A RR as result directly, or they make a > new request for the alias domain name udb.duowan.blogchina.org and > find the result? > > Thanks! > > $ dig udb.duowan.com +trace > > ; <<>> DiG 9.4.2-P2 <<>> udb.duowan.com +trace > ;; global options: printcmd > . 108212 IN NS d.root-servers.net. > . 108212 IN NS e.root-servers.net. > . 108212 IN NS m.root-servers.net. > . 108212 IN NS b.root-servers.net. > . 108212 IN NS g.root-servers.net. > . 108212 IN NS l.root-servers.net. > . 108212 IN NS c.root-servers.net. > . 108212 IN NS i.root-servers.net. > . 108212 IN NS k.root-servers.net. > . 108212 IN NS a.root-servers.net. > . 108212 IN NS j.root-servers.net. > . 108212 IN NS h.root-servers.net. > . 108212 IN NS f.root-servers.net. > ;; Received 512 bytes from 202.96.128.86#53(202.96.128.86) in 4 ms > > com. 172800 IN NS h.gtld-servers.net. > com. 172800 IN NS g.gtld-servers.net. > com. 172800 IN NS e.gtld-servers.net. > com. 172800 IN NS c.gtld-servers.net. > com. 172800 IN NS d.gtld-servers.net. > com. 172800 IN NS a.gtld-servers.net. > com. 172800 IN NS l.gtld-servers.net. > com. 172800 IN NS f.gtld-servers.net. > com. 172800 IN NS k.gtld-servers.net. > com. 172800 IN NS b.gtld-servers.net. > com. 172800 IN NS i.gtld-servers.net. > com. 172800 IN NS m.gtld-servers.net. > com. 172800 IN NS j.gtld-servers.net. > ;; Received 492 bytes from 128.8.10.90#53(d.root-servers.net) in 340 ms > > duowan.com. 172800 IN NS ns1.dns-diy.com. > duowan.com. 172800 IN NS ns2.dns-diy.com. > ;; Received 204 bytes from 192.35.51.30#53(f.gtld-servers.net) in 300 ms > > udb.duowan.com. 90000 IN CNAME udb.duowan.blogchina.org. > udb.duowan.blogchina.org. 5 IN A 64.38.63.4 > ;; Received 86 bytes from 218.85.139.33#53(ns1.dns-diy.com) in 19 ms > > -- > Free SmartDNS Hosting: > http://DNSbed.com/ > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > -- Sent from my mobile device _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
