Re: [DNSOP] Where in a CNAME chain is the QNAME?

Robert Edmonds Tue, 20 Sep 2016 09:38:17 -0700

Stephane Bortzmeyer wrote:
> Do you like long terminology discussions, backed by a dozen RFC, where
> people disagree on what's written in these RFC? If so, read on.


Yes, please!

> RFC 1034 had a different definition of QNAME but is not clear on the
> specific case of CNAME chains:
> 
> > A standard query specifies a target domain name (QNAME)

RFC 1034 gives an "algorithm" (§4.3.2):

    […] Search the available zones for the zone which is the nearest
    ancestor to QNAME. […]

        […] If the whole of QNAME is matched, we have found the node.

            If the data at the node is a CNAME, and QTYPE doesn't match
            CNAME, copy the CNAME RR into the answer section of the
            response, change QNAME to the canonical name in the CNAME
            RR, and go back to step 1.

            […]

It seems the use of QNAME for anything other than the question resource
record name is due to this "variable reuse" in the §4.3.2 "algorithm".

RFC 1035 gives a definition of QNAME in §4.1.

    All communications inside of the domain protocol are carried in a
    single format called a message. […]

    The names of the sections after the header are derived from their
    use in standard queries.  The question section contains fields that
    describe a question to a name server.  These fields are a query type
    (QTYPE), a query class (QCLASS), and a query domain name (QNAME).
    […]

So, this implies that QNAME means the same thing regardless of whether
the message is a query or response.

Also see §4.1.2 which is even more graphic about where the QNAME is.

> So, which is right? In this DNS query:
> 
> % dig A www.afnic.fr
> 
> ; <<>> DiG 9.10.3-P4-Ubuntu <<>> A www.afnic.fr
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35551
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1280
> ;; QUESTION SECTION:
> ;www.afnic.fr.                IN A
> 
> ;; ANSWER SECTION:
> www.afnic.fr.         213 IN CNAME www.nic.fr.
> www.nic.fr.           213 IN CNAME lb01-1.nic.fr.
> lb01-1.nic.fr.                213 IN A 192.134.5.24
> 
> ;; Query time: 875 msec
> ;; SERVER: 192.168.43.1#53(192.168.43.1)
> ;; WHEN: Tue Sep 20 18:11:06 CEST 2016
> ;; MSG SIZE  rcvd: 100
> 
> Is the QNAME "www.afnic.fr" or "lb01-1.nic.fr" ("the data field of the
> last CNAME")???

"www.afnic.fr", because that is the domain name in the question section.

-- 
Robert Edmonds

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Where in a CNAME chain is the QNAME?

Reply via email to