To prevent cache poisoning via cnames. It it simpler to always lookup the target of the cname that to figure out if we would accepted the following data.
server A has zones foo.example and bar.example configured server B has zone bar.example configured bar.example is only delegated to server B of the two server above. The is a cname from www.foo.example -> www.bar.example Server A return a complete answer but the www.bar.example data is from the wrong zone instance. This happens accidentally in real life. Mark In message <1401468033.15948.1445459552099.javamail.vpopm...@atl4oxapp02pod1.mg t.hosting.qts.netsol.com>, Steve Arntzen writes: > > I'm sure there's a good, simple reason for this, I just can't seem to find th > e > answer searching on the Internet. > > > Why does named perform a lookup for the A record when its IP is returned with > the CNAME in the first answer? > > > Using dig, I find play.google.com is a CNAME for play.l.google.com. > > > When asked to resolve it, named will first look for play.google.com. The res > ult > will include the CNAME and the IP of the A record. > > > Named then makes a second request to resolve the A record. > > > Thanks in advance, > > > Steve. > ------=_Part_15947_1241356502.1445459552087 > MIME-Version: 1.0 > Content-Type: text/html; charset=UTF-8 > Content-Transfer-Encoding: 7bit > > <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/T > R/xhtml1/DTD/xhtml1-strict.dtd"> > > <html xmlns="http://www.w3.org/1999/xhtml";><head> > <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> > </head><body><p>I'm sure there's a good, simple reason for this, I j > ust can't seem to find the answer searching on the Internet.</p><p><br></ > p><p>Why does named perform a lookup for the A record when its IP is returned > with the CNAME in the first answer?</p><p><br></p><p>Using dig, I find play. > google.com is a CNAME for play.l.google.com.</p><p><br></p><p>When asked to r > esolve it, named will first look for play.google.com.  The result will i > nclude the CNAME and the IP of the A record.</p><p><br></p><p>Named then make > s a second request to resolve the A record.</p><p><br></p><p>Thanks in advanc > e,</p><p><br></p><p>Steve.</p></body></html> > ------=_Part_15947_1241356502.1445459552087-- > > --===============7115022951714415033== > Content-Type: text/plain; charset="us-ascii" > MIME-Version: 1.0 > Content-Transfer-Encoding: 7bit > Content-Disposition: inline > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > --===============7115022951714415033==-- -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
