Re: [Dnsmasq-discuss] dnsmasq cname limitations

2021-11-24 Thread Petr Menšík
Hi, any DNS server able to do recursive iterations themselves. If it can resolve without providing forwarders, it would work. Unbound is a good example, ISC BIND9 alias named as well. What kind of service is running on it? If you can run a server somewhere, could it run fully recursive server

Re: [Dnsmasq-discuss] dnsmasq cname limitations

2021-11-09 Thread Salatiel Filho
Hi Petr, thanks for the explanation. I hope that someday that will be possible. Do you know of any DNS server that would allow me to have that? Concerning your question, query to some-load-balancer.com returns another CNAME that has a dynamic IP. I have no control over some-load-balancer.com, so

Re: [Dnsmasq-discuss] dnsmasq cname limitations

2021-11-08 Thread Petr Menšík
Hi Salatiel, Short answer is because of the way dnsmasq is implemented. Primary reason is not security decision, but lightweight implementation in dnsmasq. It relies on recursive upstream servers to deliver complete recursed answer. If it contains CNAME, it has to contain also its target. It might

Re: [Dnsmasq-discuss] dnsmasq cname limitations

2021-11-06 Thread Tobias via Dnsmasq-discuss
Hi, don't know anything about dnsmasq internals, but for DNSSEC it seems extra queries are possible, and the response depends on which flags are set (ad/do). Would certainly be possible for CNAMEs as well, guess it's just not implemented. On 2021-11-06 at 23:22, Dominick C. Pastore wrote: > As

Re: [Dnsmasq-discuss] dnsmasq cname limitations

2021-11-06 Thread Dominick C. Pastore
As far as I know, there is no technical or security reason why a Dnsmasq-like server would *need* this limitation, but Dnsmasq has it due to design limitations. Dnsmasq either responds to a request entirely locally (using /etc/hosts, records from the config file, and records from DHCP) or

Re: [Dnsmasq-discuss] dnsmasq cname limitations

2021-11-06 Thread Horn Bucking
> Hi, why does dnsmasq cname require an entry on /etc/hosts? From the dnsmasq man page: --cname=,[,][,] Return a CNAME record which indicates that is really . There is a significant limitation on the target; it must be a DNS record which is known to dnsmasq and NOT a DNS record which comes

Re: [Dnsmasq-discuss] dnsmasq cname limitations

2021-11-06 Thread Salatiel Filho
Thanks, but I would like to know the reason why there is that limitation. Maybe Simon could explain the reason behind it. Atenciosamente/Kind regards, Salatiel On Sat, Nov 6, 2021 at 4:58 PM Horn Bucking wrote: > > Hi, why does dnsmasq cname require an entry on /etc/hosts? > > From the

[Dnsmasq-discuss] dnsmasq cname limitations

2021-11-06 Thread Salatiel Filho
Hi, why does dnsmasq cname require an entry on /etc/hosts? I would like to override "somedomain.com" to "some-load-balancer.com" as a CNAME. If I start dnsmasq as: # dnsmasq -dq -r /etc/resolv.upstream --cname somedomain.com,some-load-balancer.com If I try to ping somedomain.com, I will get: ping: