[Pdns-users] CNAME to non locally hosted domain

Richard Mayhew - Nashua Broadband RichardM at nashuabroadband.com
Fri May 5 06:39:29 UTC 2006


Thanks for the info. What would you say is the best way forward? Do I
rely on a local recursor or hope that the requestor is RFC compliant? No
Clients will be using the server for any queries, as PowerDNS will only
act as a authoritive server?


-----Original Message-----
From: bert hubert [mailto:bert.hubert at netherlabs.nl] 
Sent: 04 May 2006 06:20 PM
To: Richard Mayhew - Nashua Broadband
Cc: pdns-users at mailman.powerdns.com
Subject: Re: [Pdns-users] CNAME to non locally hosted domain

On Thu, May 04, 2006 at 05:35:18PM +0200, Richard Mayhew - Nashua
Broadband wrote:
> Could someone explain to me how PowerDNS handles CNAME's that resolve 
> to a entry that is not part of a locally hosted domain.

Ok, there are two cases. If no recursor is configured, or of the
question did not ask for recursion, PowerDNS responds with the CNAME and
a ServFail, as per the RFC. If so configured, PowerDNS will respond with
a 'root referral', but it is the same thing.

This works well in practice, recursors understand this.

If a recursor is configured AND the packet requests recursion (try this
with 'dig +norecurs' or 'dig +recurs', the default) , it depends a bit.
If 'lazy-recursion' is configured, only the target of the CNAME is sent
to the recursor. This is the default.

If lazy-recursion is off, the *entire* question would be handed off to
the recursor immediately, so the local database would not be queried..
but the recursor might do that for us.

I realise this is complex, but by default we do the right thing for
almost everybody.

Let me know if you need more explanation.

Kind regards,

bert hubert

http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services

More information about the Pdns-users mailing list