[Unbound-users] Puzzling behavior with DNAME
Stephane Bortzmeyer
bortzmeyer at nic.fr
Tue May 25 11:44:23 UTC 2010
I'm playing with māori domain names
<http://www.te-reo.maori.dns.net.nz/> and Unbound's behavior surprises
me.
There is a DNAME from māori.dns.net.nz (xn--mori-qsa.dns.net.nz) to
maori.dns.net.nz:
% dig ANY te-reo.xn--mori-qsa.dns.net.nz
...
;; ANSWER SECTION:
xn--mori-qsa.dns.net.nz. 86400 IN DNAME maori.dns.net.nz.
te-reo.xn--mori-qsa.dns.net.nz. 0 IN CNAME te-reo.maori.dns.net.nz.
te-reo.maori.dns.net.nz. 3437 IN A 202.160.48.39
When the name does not exist, a BIND resolver tells me NXDOMAIN:
% dig ANY tagadatsointsoin.xn--mori-qsa.dns.net.nz
...
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57869
But Unbound 1.4.1 tells me NOERROR, which seems wrong:
% dig ANY tagadatsointsoin.xn--mori-qsa.dns.net.nz
; <<>> DiG 9.5.1-P3 <<>> ANY tagadatsointsoin.xn--mori-qsa.dns.net.nz
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3907
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;tagadatsointsoin.xn--mori-qsa.dns.net.nz. IN ANY
;; ANSWER SECTION:
xn--mori-qsa.dns.net.nz. 86400 IN DNAME maori.dns.net.nz.
tagadatsointsoin.xn--mori-qsa.dns.net.nz. 0 IN CNAME tagadatsointsoin.maori.dns.net.nz.
;; AUTHORITY SECTION:
maori.dns.net.nz. 3600 IN SOA loopback.dns.net.nz. soa.nzrs.net.nz. 2010051262 3600 1200 604800 3600
;; Query time: 290 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue May 25 13:43:40 2010
;; MSG SIZE rcvd: 179
I confess I have little experience with DNAMEs. Am I wrong to say that
Unbound is wrong?
More information about the Unbound-users
mailing list