[nsd-users] * CNAME loop

Chris LaVallee clavallee at edgecast.com
Tue Nov 19 17:14:13 UTC 2013 

Hi,

I'm testing:

$ sudo nsd-control status
version: 4.0.1
verbosity: 2

I found a loop problem with this record:
*         IN  CNAME   none
("none" means no matching record in zone and therefore match * again)

Queries that use "* CNAME" will result in a loop. The response will use TCP
and will be limited to 65k bytes

$ dig @127.0.0.1 sdfgsfg.test.com

;; Truncated, retrying in TCP mode.

; <<>> DiG 9.8.1-P1 <<>> @127.0.0.1 sdfgsfg.test.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30440
;; flags: qr aa tc rd; QUERY: 1, ANSWER: 4678, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;sdfgsfg.test.com.        IN    A

;; ANSWER SECTION:
sdfgsfg.test.com.    6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
.
.
.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.
none.test.com.        6400    IN    CNAME    none.test.com.

;; Query time: 85 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov 19 08:36:52 2013
;; MSG SIZE  rcvd: 65531

--------------------------------------------

A more likely example of this problem is below
*         IN  CNAME  www.google.com    (ending dot is missing)

;; QUESTION SECTION:
;sdfgsf.test.com.               IN      A

;; ANSWER SECTION:
sdfgsf.test.com.        6400    IN      CNAME   www.google.com.test.com.
www.google.com.test.com. 6400   IN      CNAME   www.google.com.test.com.
www.google.com.test.com. 6400   IN      CNAME   www.google.com.test.com.
www.google.com.test.com. 6400   IN      CNAME   www.google.com.test.com.
www.google.com.test.com. 6400   IN      CNAME   www.google.com.test.com.
www.google.com.test.com. 6400   IN      CNAME   www.google.com.test.com.
www.google.com.test.com. 6400   IN      CNAME   www.google.com.test.com.
www.google.com.test.com. 6400   IN      CNAME   www.google.com.test.com.


Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20131119/a19d6094/attachment.htm>

More information about the nsd-users mailing list