Hi, I have a question concerning answers from DNS servers, when I query a name with type "any" and the name is a CNAME. I have the following example (works also in Internet) with an ISC BIND server (BIND 9.7.0-P1):
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @newton.genesiscom.ch dns.ipam.ch ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25078 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;dns.ipam.ch. IN A ;; ANSWER SECTION: dns.ipam.ch. 600 IN CNAME www.ipam.ch. www.ipam.ch. 600 IN A 81.18.25.238 ;; Query time: 1 msec ;; SERVER: 10.10.3.13#53(10.10.3.13) ;; WHEN: Mon Mar 7 11:52:38 2011 ;; MSG SIZE rcvd: 63 As you can see, we have a CNAME dns.ipam.ch that points to www.ipam.ch. www.ipam.ch is an A-Record to 81.18.25.238. When I do the following query (type=any to dns.ipam.ch), only the CNAME itself will be in the answer section (the A-Record not): ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @newton.genesiscom.ch dns.ipam.ch any ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46532 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;dns.ipam.ch. IN ANY ;; ANSWER SECTION: dns.ipam.ch. 600 IN CNAME www.ipam.ch. ;; Query time: 1 msec ;; SERVER: 10.10.3.13#53(10.10.3.13) ;; WHEN: Mon Mar 7 11:53:21 2011 ;; MSG SIZE rcvd: 47 When I do a comparable query (also with type=any) to another DNS Server (eg. google.com).... ; <<>> DiG 9.3.2 <<>> @ns1.google.com. www.google.com. any ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1636 ;; flags: qr aa rd; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.google.com. IN ANY ;; ANSWER SECTION: www.google.com. 604800 IN CNAME www.l.google.com. www.l.google.com. 300 IN A 74.125.232.114 www.l.google.com. 300 IN A 74.125.232.115 www.l.google.com. 300 IN A 74.125.232.116 www.l.google.com. 300 IN A 74.125.232.113 www.l.google.com. 300 IN A 74.125.232.112 ;; Query time: 46 msec ;; SERVER: 216.239.32.10#53(216.239.32.10) ;; WHEN: Mon Mar 07 09:44:32 2011 ;; MSG SIZE rcvd: 132 ... I will get also the associated A Records. Does anybody have an idea, why the behavior is different? Can I configure this on my DNS Server (ISC BIND)? FYI: dig @ns1.hp.com. www.hp.com. any and dig @ns1.yahoo.com. www.yahoo.com any will also answer without any A-Records (like me). I have the following questions: - which one is correct (RFC)? - is it configurable in ISC BIND? - does the behavior depends on different BIND version? I know that it is not very common to do queries with type any. The problem we have is the following: A Device/Application in our network is doing always queries from type "any". >From our side it's not possible to change the type, because it's hard-coded in >the software. Kind regards Adrian
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
