[Pdns-users] Don't return dereferenced CNAMEs
ktm at rice.edu
ktm at rice.edu
Mon Jun 8 22:04:50 UTC 2015
On Mon, Jun 08, 2015 at 02:51:13PM -0700, Mark Moseley wrote:
> I'm curious if there's a setting to tell powerdns not to be helpful and
> return the dereferenced CNAME.
>
> That is, if I look up a given record and it's a CNAME that then points to
> an A record, don't try to then *also* return a lookup of the A record along
> with the CNAME.
>
> The reasons for why it'd happen in our setup are annoying and I don't want
> to go into it :)
>
> I've tried setting out-of-zone-additional-processing to 'no' but that
> doesn't seem to change anything.
>
> It doesn't to break anything (and presumably a resolver that paid attention
> to these records would be subject to cache poisoning). But it's kind of
> weird and could be confusing to people looking at manual lookups.
Hi Mark,
I think you will find that a lot of software will work quite poorly if
you do this. If you are performing a manual lookup, just ask for the
CNAME type in the lookup and that is what you will get.
Regards,
Ken
More information about the Pdns-users
mailing list