Skip to content

Specify and correct behavior when faced with illegal aliases in zone files

Marc van der Wal requested to merge vanderwal/ibdns:bugfix/#30 into develop

Illegal aliases are nodes that mix CNAME and other types of resource records, or have more than one CNAME.

Normal DNS servers reject loading zone files containing such illegal nodes. IBDNS does not, because it is actually valuable to be able to serve such invalid data.

In order to be correct by default, IBDNS should not serve any nodes that are illegal aliases, unless told otherwise. With this PR, IBDNS will answer SERVFAIL by default if the queried name contains a CNAME and some other data (or more than one CNAME).

If the configuration variable “serve_illegal_aliases” is set to true, however, IBDNS will behave in a better-specified way. IBDNS will serve the resource record set of the requested type if a non-empty set exists, and serve the unchased CNAME otherwise. For example, if a node contains A, AAAA and CNAME, then an A query will return the A records, but a TXT query will return the CNAME without chasing it. If a node contains more than one CNAME, then the unchased set of CNAMEs will be returned.

Merge request reports

Loading