Re: DNS-resolution failed for "www.gracenote.com" when "qname-minimization relaxed|strict;"

Mon, 13 May 2019 17:20:23 -0700 

There is no support for something like this in BIND.  Really the way to fix 
this is
to contact the zone’s technical contact to get the delegation fixed.  You can 
also
try the SOA contact field as well.

Adding a control like you suggested would also slow up every DNS resolution as 
they will
all have to be checked.

Mark

> On 13 May 2019, at 9:36 pm, Tom <tomtux...@gmail.com> wrote:
> 
> Hi list
> 
> Using BIND-9.14.1 as a resolver and qname-minimization set to "relaxed":
> 
> The following A-record resp. CNAME could not be resolved, when 
> qname-minimization is enabled (strict or relaxed):
> 
> www.gracenote.com
> 
> With qname-minimization enabled, BIND tries to get the NS record for 
> "glb.gracenote.com" (after BIND received the CNAME "web.glb.gracenote.com") 
> which results in:
> 
> $ dig @bind-9.14.1 +noall +answer ns glb.gracenote.com
> glb.gracenote.com.    0       IN      NS      
> sc-gtm-1a.globix-sc.gracenote.com.
> 
> 
> Then BIND tries to get the ip address for the mentioned NS 
> (sc-gtm-1a.globix-sc.gracenote.com.) above, which results in NXDOMAIN:
> 
> $ dig @bind-9.14.1 +noall +answer +comment sc-gtm-1a.globix-sc.gracenote.com.
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17096
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ; COOKIE: 9b42859a64d8ace1d701a0565cd94f43afdf5dc2a0368d96 (good)
> 
> 
> From the client-perspective, the whole query results in SERVFAIL:
> 
> $ dig @bind-9.14.1 +noall +comment www.gracenote.com
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 47277
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ; COOKIE: ffb32844e0c268e28df22c8a5cd9528e2dfff5e5f2f857cf (good)
> 
> 
> Question:
> Is there a simple way, where I can configure a zone-wide exception for 
> "qname-minimization" in a (pseudo)-way like this:
> zone "gracenote.com." {       qname-minimization off; };
> 
> What's the best way to "enable" resolution for the mentioned zone without 
> disabling qname-minimization?
> 
> Many thanks for any hints.
> Kind regards,
> Tom
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
> from this list
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: ma...@isc.org

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to