Why two lookups for a CNAME?

2015-10-21 Thread Steve Arntzen
I'm sure there's a good, simple reason for this, I just can't seem to find the answer searching on the Internet. Why does named perform a lookup for the A record when its IP is returned with the CNAME in the first answer? Using dig, I find play.google.com is a CNAME for play.l.google.com.

RE: Why two lookups for a CNAME?

2015-10-21 Thread Steve Arntzen
Thank you Jeff. I was just wondering why, when the IP comes back with the first response, does named ask again? Is it just being literal (like me) or will it not always get the IP in the first request (depending on the DNS server)? Steve. > On October 21, 2015 at 3:42 PM "Lightner,

Re: Why two lookups for a CNAME?

2015-10-21 Thread Mark Andrews
To prevent cache poisoning via cnames. It it simpler to always lookup the target of the cname that to figure out if we would accepted the following data. server A has zones foo.example and bar.example configured server B has zone bar.example configured bar.example is only delegated to server B

RE: Why two lookups for a CNAME?

2015-10-21 Thread Lightner, Jeff
Because the purpose of DNS primarily is to equate a name with an IP as applications talk to IPs not to names. When you have a CNAME you’re equating one name with another name. That other name then has to be looked up so the application knows what IP access. This saves time if you have

Re: Why two lookups for a CNAME?

2015-10-21 Thread Karl Auer
On Wed, 2015-10-21 at 20:42 +, Lightner, Jeff wrote: > Because the purpose of DNS primarily is to equate a name with an IP as > applications talk to IPs not to names. When you have a CNAME you’re > equating one name with another name. That other name then has to be > looked up so the

Re: Why two lookups for a CNAME?

2015-10-21 Thread Steve Arntzen
Makes sense. Better safe than sorry. Thanks, Steve. > > On October 21, 2015 at 4:01 PM Mark Andrews wrote: > > > > To prevent cache poisoning via cnames. It it simpler to always > lookup the target of the cname that to figure out if we would > accepted

RE: bind-users Digest, Vol 2230, Issue 1

2015-10-21 Thread Woodworth, John R
> > From: bind-users-boun...@lists.isc.org > [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Harshith Mulky > Sent: Tuesday, October 20, 2015 10:50 AM > To: bind-users@lists.isc.org > Subject: RE: bind-users Digest, Vol 2230, Issue 1 > > No Mark, This is not a question I am asked to answer

RE: bind-users Digest, Vol 2230, Issue 1

2015-10-21 Thread Harshith Mulky
Hello John, 1.) Are these devices some type of VoIP device? I've seen many novel DNS based scenarios used for VoIP before.[Harshith] yes, they are VOIP devices which use "lwresd" to talk to external DNS Servers 2.) I assume the path has been sniffed, are other records used as well, say