2 auth zones: cname expansion?

Michael Tokarev mjt at tls.msk.ru
Mon Feb 14 09:34:53 UTC 2022

14.02.2022 11:29, Michael Tokarev via Unbound-users wrote:
> Hi!
> I've 2 auth-zones with unbound, and one points to another
> with CNAMe. This doesn't work, unbound only return the
> CNAME itself, not including the A record of the CNAME target.
> When the second zone is forward zone, it returns both records.
> ie,
>   a.example.net cname a.example.com
>   a.example.com a
> when both zones are auth-zones, query for a.example.net
> returns just the cname record.  But when example.com is
> forward zone, the same query return both records as it
> should.

And ofc. I mixed them up. When the FIRST zone, with the CNAME,
is auth-zone, there's no recurseve CNAME expanison.  In this
case, if example.NET is auth-zone, it doesn't work, but if
example.NET is forward zone, it works.

> It it a bug or a feature? :)
> Hmm.  I just realized we're running somewhat old version
> of unbound, - 1.13 (on current debian stable), while the
> current version is 1.15. I'll take look at what has changed
> in there.

And 1.15 behaves exactly the same way.


More information about the Unbound-users mailing list