[Pdns-dev] Possible bug in authoritative server CNAME to remote domains?

RafałKupka rkupka+Listy.PDNS at pronet.com.pl
Tue May 26 16:51:22 CEST 2009

On Tue, May 26, 2009 at 10:33:58AM +0100, Mark Zealey wrote:

> Hi, we're looking at migrating some of our dns over to powerdns, but I
> believe I've come across a bug in the pdns auth server (v 2.9.22 but
> also present in I believe):

[some other DNS server query result]

> However pdns returns:

> $ dig @ blah.wfdnstestscript.me.

> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 38333
> ;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

> ;blah.wfdnstestscript.me.       IN      A

> blah.wfdnstestscript.me. 86400  IN      CNAME   www.blogware.com.

> ie it returns status SERVFAIL when it should actually be NOERROR. I'm
> using the pipe backend (api v2) with:

Please look at:

Your PowerDNS server is authoritative to wfdnstestscript.me but not to
blogware.com, is it?

> So it seems that even pdns comments thinks it shouldn't be sending the
> SERVFAIL response in the external CNAME redirection case, however it is.

Only if recursion is enabled.

Great software without the knowledge to run it is pretty useless.
(Linux Gazette #1)

More information about the Pdns-dev mailing list