[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#373781: resolver fails if CNAME points to A record in non-authoritative domain

Hello all!

I found similar problem about CNAME -> AAAA translation  first in ping6
and traceroute6.

Original report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612232

Then i disocvered it have much more borader scope
(wget -6, links -6, rsync -6 , ssh -6, traceroute6)
all was erroring with something like:

# LC_ALL=C wget -6 -nv debian.mirror.cambrium.nl
wget: unable to resolve host address `debian.mirror.cambrium.nl'
# 

What is different from this bug is that when i do
"wget -4" or simply "wget" everything works (but of course over ipv4)
(and similary for all other tools), 

What is interesting I am using maradns, so this can be connected.

I also added "options inet6" to the resolv.conf,
but effect is the same in all cases (wget without -4/-6 connects over ipv4,
which is a bug anyway as host have IPv6 addres after CNAME resolution).

I guess it is problem with maradns, becuase after changing resolve.conf to

    nameserver 217.19.16.130     # IP address of ns1.cambrium.nl.

all tools started to work correctly, becuase server returned everything in single
response in additional sections:

# host -r -t ANY debian.mirror.cambrium.nl 217.19.16.130
Using domain server:
Name: 217.19.16.130
Address: 217.19.16.130#53
Aliases: 

debian.mirror.cambrium.nl is an alias for mirror.cambrium.nl.
mirror.cambrium.nl has SOA record ns1.cambrium.nl. postmaster.mirror.cambrium.nl. 1297082265 16384 2048 1048576 2560
mirror.cambrium.nl has address 217.19.16.188
mirror.cambrium.nl has IPv6 address 2a02:58:3:2:80::1
#

# fpdns 217.19.16.130
fingerprint (217.19.16.130, 217.19.16.130): DJ Bernstein TinyDNS 1.05
#


but maradns 1.4.x do not

# host -t ANY debian.mirror.cambrium.nl MYRESOLVER
debian.mirror.cambrium.nl is an alias for mirror.cambrium.nl.
#
# host debian.mirror.cambrium.nl MYRESOLVER
debian.mirror.cambrium.nl is an alias for mirror.cambrium.nl.
mirror.cambrium.nl has address 217.19.16.188
mirror.cambrium.nl has IPv6 address 2a02:58:3:2:80::1
#  (the last one is of course because host utility performs recursion by itself)



With deadwood i see no problem:

OTHERBOX# host -6 -t ANY debian.mirror.cambrium.nl '::1'
Using domain server:
Name: ::1
Address: ::1#53
Aliases: 

debian.mirror.cambrium.nl is an alias for mirror.cambrium.nl.
mirror.cambrium.nl has SOA record ns1.cambrium.nl. postmaster.mirror.cambrium.nl. 1297082265 16384 2048 1048576 2560
mirror.cambrium.nl has address 217.19.16.188
mirror.cambrium.nl has IPv6 address 2a02:58:3:2:80::1
OTHERBOX# 

OTHERBOX# deadwood -h
Deadwood version 20110116-1
...
#

I tested few others recursive servers arround and also BIND 9.x (9.2-9.6)
looks have to have the same problem.


So it is problem/issue, but I do not really know yet if this is bug,
(need to checks specs).

Question is: shouldn't libc by itself resolve this indirection
(of course limiting it to one level of CNAME indirection)?

From behaviour of libc for ipv4 addresses I will safely assume
that indeed libc should perform it, and nacassarly code for ipv6
CNAME -> AAAA is missing, but apperently (CNAME -> A) is there.

What do you thinks?

Thanks,
Witek

-- 
Witold Baryluk

Attachment: signature.asc
Description: Digital signature

Reply to: