In message <4fda970e.9080...@riseup.net>, pangj writes: > Hi, > > If BIND is authoritative for zone a, and is not authoritative for zone > b, but zone b is configured in BIND's zone file, and x.zonea.com is > CNAME'd to y.zoneb.com. > > When DNS client queries to this BIND for x.zonea.com, it gets the > authoritative answers for both x.zonea.com and y.zoneb.com, certainly > y.zoneb.com is a fake one. > > How DNS client handle this case? > Thanks.
It depends on the client and whether the zones are signed or not and whether the client is validating responses or not. Stub clients will almost always trust the complete answer. For iterative clients it depends on their level of paranoia. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
