[Pdns-users] NXDOMAIN on CNAME and UPC
Pawel Panek
pawel.panek at cloudaccess.net
Wed May 29 13:12:38 UTC 2013
>
> You are claiming to be authoritative for root zone. Please do not claim root zone for yourself.
Right, this what I was concerned about too. Going this path I think I
have it solved my problem.
I had no clue why PowerDNS is answering like that and just assumed
this is an answer related CNAME target which is out zone.
I'm using mysql backend and nowhere in records table I have soa record
defined for '.'. But I had bunch of records with empty name and type
SOA. They were assigned to some domain_id but apparently mysql backend
treats them as SOA for root. When I added a name (a FQDN) for all such
SOA records the response for that CNAME has changed. Now it looks like
this:
dig cdn.example.com @1xx.1xx.1xx.1xx
; <<>> DiG 9.7.3 <<>> cdn.example.com @1xx.1xx.1xx.1xx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45388
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;cdn.example.com. IN A
;; ANSWER SECTION:
cdn.example.com. 3600 IN CNAME randomstr.cloudfront.net.
;; Query time: 158 msec
;; SERVER: 1xx.1xx.1xx.1xx#53(1xx.1xx.1xx.1xx)
;; WHEN: Wed May 29 14:38:15 2013
;; MSG SIZE rcvd: 79
Status is NOERROR and there's no Authority section.
Thanks Aki for pointing that out.
I think UPC is innocent in this case and actually thanks to their
servers being strict enough to point out misconfiguration on my end.
(Well, I can blame mysql backend but let it be I had wrong records in
db).
>
> Aki Tuomi
More information about the Pdns-users
mailing list