On 05/20/2011 07:16 AM, Tory M Blue wrote:
This causes all types of failures if just using dig, or Linux built in
lookup mechanism, or heck Perl or PHP methods as well. None of the
stated methods, know that they should now query
cdn.domain.net.edgesuite.net, so they provide the CNAME and SERVFAIL
or whatever.
That's because stub resolvers are not recursive resolvers.
No-one should be querying your authoritative servers unless they are
themselves a full recursive resolver, and those will handle this
situation just fine.
Serving A records for other zones isn't valid anyway - for security
reasons they'll be ignored (after all, you could be trying to poison the
far end cache, and are not authoritative for the zones containing the
CNAME target)
Can you give more info about how this is causing actual problems, versus
problems with dig/perl/whatever?
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
