[getdns-api] Adding an extension to highlight common DNS errors
Andrew Sullivan
asullivan
Wed Jan 30 18:08:53 CET 2013
On Wed, Jan 30, 2013 at 08:13:00AM -0800, Paul Hoffman wrote:
> On Jan 29, 2013, at 12:31 PM, Andrew Sullivan <asullivan at dyn.com> wrote:
>
> >
> > A CNAME response with any other RRTYPE, perhaps?
>
> If the API is acting as a recursive resolver, what circumstance would lead to this?
People break this requirement of the protocol all the time, usually in
an effort to do Stoopid DNS Tricks in support of CDNs. The most
common case observed in the wild is actual CNAME records sitting at
the apex of a zone. Because CNAME chains are supposed to be followed,
what you will see is (for instance) the NS records and a CNAME all at
that owner name. Since this is an absurd situation, the behaviour of
systems is unreliable.
A
--
Andrew Sullivan
Dyn, Inc.
asullivan at dyn.com
v: +1 603 663 0448
More information about the spec
mailing list