Hi everyone, [tl;dr - is it ok not to chase CNAMEs out of zones and only to do in-zone glue? how many CNAMEs should one follow? Plus some fun things]
Under the watchful eye of the lovely camel Farsight sent us [1], I've been working on enhancing the 'hello-dns' pages on http://powerdns.org/hello-dns Specifically, I thought it was a good a idea to make a "minimal but correct and best practices" authoritative nameserver. It is called 'tdns', for 'teaching nameserver'. This is described at https://powerdns.org/hello-dns/tdns/README.md.html - I was hoping for a 500 line result, but it appears 1100-1200 or so is where you end up without compression, but with EDNS. The blurb: "Even though the 'hello-dns' documents describe how basic DNS works, and how an authoritative server should function, nothing quite says how to do things like actual running code. tdns is small enough to read in one sitting and shows how DNS packets are parsed and generated. tdns is currently written in C++ 2014, and is MIT licensed. Reimplementations in other languages are highly welcome, as these may be more accessible to other programmers." In writing this server and while consulting with some other implementors, I for now have decided that in 2018 it makes no sense to: 1) chase CNAMEs that point to another zone 2) look for glue outside of the zone Given that any resolver will ignore those answers anyhow. But I wonder, is this ok, and do we already have words on if chasing CNAMEs outside of zones is mandatory or not? Some other fun thoughts: 1) It appears everyone has decided 10 CNAME indirections is 'enough' - is that number somewhere (it was in Jeeves already!) 2) Try: ping goes-via-embedded-nul.tdns.powerdns.org ping goes-via-embedded-space.tdns.powerdns.org. ping goes-via-embedded-dot.tdns.powerdns.org. None of these resolve when I try them, I wonder if that is because implementations want CNAMEs to be 'host names', or if this a chain of bugs. Not practically very relevant, but still. Your thoughts would be most welcome. Bert [1] - so cute https://twitter.com/PowerDNS_Bert/status/983659389935603712 _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
