[MaraDNS list] CNAME chaining

Sam Trenholme maradns at gmail.com
Mon Jun 10 04:35:22 EDT 2013 

Deadwood works just fine with CNAME chains...I went to a lot of effort
to get CNAMEs right.

Recently, I fixed an obscure once-in-a-blue-moon Deadwood resolving
bug in Deadwood 3.2.03a.  Make sure to use this version of Deadwood,
which is available here:

http://maradns.org/deadwood/stable/

I am able to resolve the A record for both spireon.com and
www.spireon.com without problem in Deadwood 3.2.03a.  I assume this is
the same bug I saw with whatever.scalzi.com a couple of months ago:

http://samiam.org/blog/20130320.html

If, after upgrading to 3.2.03a, anyone has any problems resolving any
host name that 8.8.8.8/8.8.4.4 can resolve, please post a bug report
here.

- Sam

On Wed, Jun 5, 2013 at 11:50 AM,  <wc-tmp at useunix.net> wrote:
> We're running Deadwood 3.2.01 and I've got users complaining that they
> cannot resolve www.spireon.com.
>
> Indeed when I test this it sometimes works and sometimes doesn't. I've
> tested against my ISPs resolver and Google's public resolvers (8.8.8.8)
> and it works reliably everytime.
>
> In ths case www.spireon.com is a CNAME to another CNAME. Here is the dig
> output (also note, that I've tested with dig and nslookup, both have
> problems when resolving this against Deadwood):
>
> ------------------------------------------------------------------------
>  <<>> DiG 9.9.2-P2 <<>> @10.203.11.39 www.spireon.com.
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9954
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.spireon.com.               IN      A
>
> ;; ANSWER SECTION:
> www.spireon.com.        60      IN      CNAME   global.spireon.com.
> global.spireon.com.     60      IN      CNAME   marketing-elb-spireon1-290371133.us-east-1.elb.amazonaws.com.
> marketing-elb-spireon1-290371133.us-east-1.elb.amazonaws.com. 60 IN A 23.23.215.69
>
> ;; Query time: 111 msec
> ;; SERVER: 10.203.11.39#53(10.203.11.39)
> ;; WHEN: Wed Jun  5 14:42:40 2013
> ;; MSG SIZE  rcvd: 141
> ------------------------------------------------------------------------
>
> I've seen that many recommend against CNAME chaining, while bad practice
> it doesn't appear to violate the RFC, so I think Dw should handle this.
> Can anyone else test this resolution and see if they experience the same
> problem?
>
> Thanks in advance,
> Wayne

More information about the list mailing list