[Pdns-users] Strange behaviour with ALIAS/CNAME records
Andrea Biancalani
a.biancalani at conmet.it
Mon Apr 17 13:25:38 UTC 2023
Answered point by point below
> On 17/04/2023 14:23, Brian Candler wrote:
>> I suggest you specify the version of pdns authoritative you're
>> running, otherwise this isn't reproducible by anyone. Also what
>> backend you're using and how you're adding/removing records, although
>> I'm guessing it's probably the bind backend.
>>
>>
>> On 17/04/2023 12:50, Andrea Biancalani via Pdns-users wrote:
>>
>>> 4) edit the zone example.com and modify contents like this
>>>
>>>> @ IN ALIAS 60 mytest.example.com.
>>>> www IN CNANE 60 @.
>>>
>>>
>>>
>>> 5) commit changes, it will popup an error
>>>
>>> *RRset www.example.com. IN CNAME: Conflicts with pre-existing RRSET*
>>>
>>
>> (assuming you meant "CNAME" not "CNANE")
>>
Yes, that is a typo
>> The implication is that there is some other record for "www.example.com"
>>
>> What does the following command show at that point?
>>
>> dig @x.x.x.x www.example.com. any
>>
>> (where x.x.x.x is your pdns-auth server's address)
>>
>>
The example is pretty awkward like that, so let it be more significant,
like this:
> @ IN ALIAS 60 www.google.com
> www IN CNAME 60 @.
After I successfully applied the above example.com zone, proceeding with
an nslookup at this point gave this result:
> > example.com
> ;; communications error to 127.0.0.1#53: timed out
> Server: localhost
> Address: 127.0.0.1#53
>
> Name: example.com
> Address: 142.251.209.36
> > www.example.com
> Server: localhost
> Address: 127.0.0.1#53
>
> www.example.com canonical name = \@.
Even checking CNAME records leads to the same result:
> > set q=cname
> > www.example.com
> ;; communications error to 127.0.0.1#53: timed out
> Server: localhost
> Address: 127.0.0.1#53
>
> www.example.com canonical name = \@.
Using dig as the method for the query, we obtain a pretty similar response:
> root@ns1:~# dig @ns1.mydnshostname.tld example.com any
>
> ; <<>> DiG 9.18.12-0ubuntu0.22.04.1-Ubuntu <<>> @ns1.mydnshostname.tld
> example.com any
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45535
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1232
> ;; QUESTION SECTION:
> ;example.com. IN ANY
>
> ;; ANSWER SECTION:
> *example.com. 225 IN A 142.251.209.36*
> *example.com. 74 IN AAAA 2a00:1450:4002:411::2004*
>
> ;; Query time: 0 msec
> ;; SERVER: 127.0.1.1#53(ns1.mydnshostname.tld) (TCP)
> ;; WHEN: Mon Apr 17 15:00:33 CEST 2023
> ;; MSG SIZE rcvd: 84
> root@ns1:~# dig @ns1.mydnshostname.tld www.example.com any
>
> ; <<>> DiG 9.18.12-0ubuntu0.22.04.1-Ubuntu <<>> @ns1.mydnshostname.tld
> www.example.com any
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12083
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1232
> ;; QUESTION SECTION:
> ;www.example.com. IN ANY
>
> ;; ANSWER SECTION:
> *www.example.com. 60 IN CNAME \@.*
>
> ;; Query time: 0 msec
> ;; SERVER: 127.0.1.1#53(ns1.mydnshostname.tld) (TCP)
> ;; WHEN: Mon Apr 17 15:02:19 CEST 2023
> ;; MSG SIZE rcvd: 59
>> Is it possible that you deleted other records for "www.example.com"
>> at the same time?
>>
The original zone has only those 2 records, and I am editing the zone just
1 change at a time.
>> Again, what does "dig @x.x.x.x www.example.com. any" show at this
>> point, and is it different to case 5?
>>
Same results as before