[Pdns-users] CNAME resolution with Windows 2003

Sun Apr 23 06:56:00 UTC 2006

Hi All,

We are having a problem where SOME Windows 2003 DNS servers ou there are
not correctly resolving against our authoratative Power DNS server.

What is happening is that a number of domains hosted on our DNS have
records that are aliases to CNAMEs which the server is not authoratative
for. The server is returning an NXDOMAIN response along with the CNAME
but some Windows 2003 servers are then giving up at that point and
passing this back to the client. The calling application then thinks the
domain doesn't exist.

For example:

dig @dns0.positive-internet.com www.gllug.org.uk

; <<>> DiG 9.3.2 <<>> @dns0.positive-internet.com www.gllug.org.uk
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12363
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.gllug.org.uk.              IN      A

;; ANSWER SECTION:
www.gllug.org.uk.       10800   IN      CNAME   www.gllug.ukfsn.org.

;; AUTHORITY SECTION:
.                       10800   IN      SOA
dns0.positive-internet.com. hostmaster.positive-internet.com. 1145731650
10800 3600 3600000 3600

;; Query time: 99 msec
;; SERVER: 80.87.128.65#53(80.87.128.65)
;; WHEN: Sun Apr 23 07:47:35 2006
;; MSG SIZE  rcvd: 160

This returns the correct answer but also an NXDOMAIN.

I have set up this domain on a BIND server and run the same query and
the BIND server will return NOERROR and also an A record for the CNAME.
Now, it seems that nearly all resolvers do the right thing at this point
but some are not. Is there any way that we can make PowerDNS return a
NOERROR and the A record as well, as BIND does, so that the small number
of (presumably broken) Windows 2003 servers out there can resolve correctly?

Or am I missing the point somewhere?

Please let me know if I need to supply any more detail or information.

Thanks :)

Stephen