MaraDNS on OpenWRT

Sam Trenholme strenholme.usenet at gmail.com
Mon Feb 1 02:25:55 EST 2010


> But the debian box got.
> When typing "dig somedomain.com", the maradns is resolving. "ping
> somedomain.com" is working fine, too.
> But a "telnet somedomain.com XY" prints "telnet: could not resolve
> somedomain.com/XY: Name or service not known"
> The same happens with ssh and ftp and so on too.
> When I type "telnet -4 somedomain.com XY" the resolving works.

It would help more if you could us a real-world example of this problem.

> Is it a bug in maradns?

Who knows?  It could be anything, and we don't have enough information
to even begin troubleshooting.

My wild ass guess, since you haven't given us any real information, is
that this is the CNAME-and-AAAA bug which is, like all non-security
MaraDNS 1.0 recursive bugs, won't be fixed unless:

1) You pay me to fix it

2) You can show how this bug results in a security problem

3) This bug causes an A or MX query for an Alexa top 500 site to not
resolve at all.

Again, and I've posted this to the list before: I'm working on MaraDNS
2.0 so am no longer fixing non-critical MaraDNS 1.0 recursive bugs.
If you read my blog at http://maradns.blogspot.com you can see I
finally got over the burnout I had last September and am working on
the recursive core for MaraDNS 2.0 again.

- Sam

Note: I do not answer MaraDNS (including Deadwood) support requests
sent by private email without being compensated for my time. A MaraDNS
support request is any and all discussion you may wish to have about
MaraDNS in private email; if you want to email me to talk about
MaraDNS then, yes, that is a support request. I will discuss rates if
you want this kind of support. Thank you for your understanding.

MaraDNS security vulnerability reports, however, will be dealt with
without charge and kept confidential. If you don't know what Bugtraq
is, then, no, your email is not a security report. It is not a
security report unless you've done due diligence to determine how the
security bug you think you found can reasonably be exploited.


More information about the list mailing list