Does unbound *ever* work with CNAMEs in any local data?
Paul Wouters
paul at nohats.ca
Mon May 29 13:14:27 UTC 2023
On Mon, 29 May 2023, Michael Tokarev via Unbound-users wrote:
> unbound does not expand CNAMEs seen in local configuration.
>
> It does not look like this is by design.
It kinda is. The local configuration data _overrides_ the resolver
trying to find the answer. By wanting to use CNAMEs, you want to
invoke the resolver to find answers.
> Just from logic, it smells like expanding CNAMEs within locally-configured
> data is even *easier* than to do it recursively. And other, simpler name
> servers does that.
You can CNAMEs in local data pointing to other local data? That really
begins to look like authoritative name server code. Other software that
combines an authoritative server and recursive server (eg bind) might
support that but unbound is not an authoritative server.
Paul
More information about the Unbound-users
mailing list