[Pdns-dev] Possible bug in authoritative server CNAME to remote domains?

RafałKupka rkupka+Listy.PDNS at pronet.com.pl
Tue May 26 16:51:22 CEST 2009


On Tue, May 26, 2009 at 10:33:58AM +0100, Mark Zealey wrote:
Hello,

> Hi, we're looking at migrating some of our dns over to powerdns, but I
> believe I've come across a bug in the pdns auth server (v 2.9.22 but
> also present in 2.9.21.1 I believe):

[some other DNS server query result]

> However pdns returns:

> $ dig @10.15.11.4 blah.wfdnstestscript.me.

> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 38333
> ;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

> ;; QUESTION SECTION:
> ;blah.wfdnstestscript.me.       IN      A

> ;; ANSWER SECTION:
> blah.wfdnstestscript.me. 86400  IN      CNAME   www.blogware.com.

> ie it returns status SERVFAIL when it should actually be NOERROR. I'm
> using the pipe backend (api v2) with:

Please look at:
http://mailman.powerdns.com/pipermail/pdns-users/2007-August/004666.html
http://mailman.powerdns.com/pipermail/pdns-users/2007-August/004667.html

Your PowerDNS server is authoritative to wfdnstestscript.me but not to
blogware.com, is it?


> So it seems that even pdns comments thinks it shouldn't be sending the
> SERVFAIL response in the external CNAME redirection case, however it is.

Only if recursion is enabled.

Regards,
Kupson
-- 
Great software without the knowledge to run it is pretty useless.
(Linux Gazette #1)


More information about the Pdns-dev mailing list