On Wed, May 27, 2020 at 01:48:32PM -0400, John R Levine wrote: > is there any consensus as to the maximum CNAME chain length > that works reliably, and what happens if the chain is too long? Hanging > seems sub-optimal.
BIND cuts CNAME chains off at 16. As far as I know that was an arbitrarily- selected value, but it's been in the code since 1999 and so far as I can recall, no one's complained. The maximum reliable chain length won't be any longer than that; it might be shorter. When a chain is too long, I think BIND just returns a response with the 16 CNAMEs it's found so far, and without a final answer. The client can start a new query from where the response left off, but I would expect most to treat it as a non-answer. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop