Hi Andrew, On Mon, Oct 19, 2015 at 05:39:58PM -0500, Andrew Hayworth wrote: > The ANY query type is weird, and some resolvers don't 'do the legwork' > of resolving useful things like CNAMEs. Given that upstream resolver > behavior is not always under the control of the HAProxy administrator, > we should not use the ANY query type. Rather, we should use A or AAAA > according to either the explicit preferences of the operator, or the > implicit default (AAAA/IPv6).
But how does that fix the problem for you ? In your example below, the server clearly doesn't provide any A nor AAAA in the response so asking it for A or AAAA should not work either if it doesn't recurse, am I wrong ? > PRODUCTION! [email protected]:~$ > dig @10.11.12.53 ANY api.somestartup.io > > ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @10.11.12.53 ANY api.somestartup.io > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62454 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;api.somestartup.io. IN ANY > > ;; ANSWER SECTION: > api.somestartup.io. 20 IN CNAME > api-somestartup-production.ap-southeast-2.elb.amazonaws.com. (...) I fear that such a change will prevent CNAMEs from working for many users where the DNS servers work fine, and will not necessarily fix the problems for other people. Regards, willy
