Behavior Difference in following CNAME rewrite

Question

Behavior Difference in following CNAME rewrite

SivaKesava1 opened this issue 9 months ago · comments

Siva Kesava R Kakarla commented 9 months ago

Ferret discovered a difference in behavior from Bind, NSD and Knot that is probably not a bug, but might be interesting to know.

This is using test case 320.

Zone file is:

campus.					      500 IN SOA	ns1.outside.edu. root.campus.edu. 3 604800 86400 2419200 604800
campus.					      500 IN NS		ns1.outside.edu.
*.campus.				      500 IN CNAME	example.uni.email.campus.

Response from Technitium:

          "opcode QUERY",
          "rcode NOERROR",
          "flags QR AA RA",
          ";QUESTION",
          "mybankcard.campus. IN NS",
          ";ANSWER",
          "mybankcard.campus. 500 IN CNAME example.uni.email.campus.",
          ";AUTHORITY",
          ";ADDITIONAL"

Response from Bind, Knot and NSD is:

           "opcode QUERY",
          "rcode NOERROR",
          "flags QR AA",
          ";QUESTION",
          "mybankcard.campus. IN NS",
          ";ANSWER",
          "mybankcard.campus. 500 IN CNAME example.uni.email.campus.",
          "example.uni.email.campus. 500 IN CNAME example.uni.email.campus.",
          ";AUTHORITY",
          ";ADDITIONAL"

They all use the CNAME record again to rewrite the new query, and then they notice that both the query name and the target are the same, so they stop. CNAME chains should be followed, so the expected response is to have both the records.

--Siva

Shreyas Zare · Answer 1 · Fri Sep 29 2023 20:45:33 GMT+0800 (China Standard Time)

Thanks for the feedback. Yes this is due to CNAME checks added which prevents another CNAME record being added if it points to same domain. Will check this implementation once again.

Shreyas Zare · Answer 2 · Tue Oct 31 2023 23:31:14 GMT+0800 (China Standard Time)

Thanks again for the report. Technitium DNS Server v11.5.2 is now available that fixes this issue. Do update and let me know your feedback.