From owner-freebsd-current@FreeBSD.ORG Tue May 18 16:12:25 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 085E216A558 for ; Tue, 18 May 2004 16:12:15 -0700 (PDT) Received: from chello080110061116.502.15.vie.surfer.at (chello080110061116.502.15.vie.surfer.at [80.110.61.116]) by mx1.FreeBSD.org (Postfix) with SMTP id 1E65743D8E for ; Tue, 18 May 2004 15:35:02 -0700 (PDT) (envelope-from 4711@chello.at) Received: (qmail 28629 invoked from network); 18 May 2004 22:34:43 -0000 Received: from matrix010.matrix.net (192.168.123.10) by ns.matrix.net with SMTP; 18 May 2004 22:34:43 -0000 From: Christian Hiris <4711@chello.at> To: freebsd-current@freebsd.org Date: Wed, 19 May 2004 00:34:17 +0200 User-Agent: KMail/1.6.2 References: <20040518063753.GB2038@over-yonder.net> <16554.7288.281205.464222@ran.psg.com> <20040518143027.GE2038@over-yonder.net> In-Reply-To: <20040518143027.GE2038@over-yonder.net> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_C+oqAZijs1ZBeoH"; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200405190034.42930.4711@chello.at> cc: Randy Bush cc: Don Lewis cc: cyrille.lefevre@laposte.net cc: "Matthew D. Fuller" Subject: Re: bind timeouts X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 May 2004 23:12:25 -0000 --Boundary-02=_C+oqAZijs1ZBeoH Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Tuesday 18 May 2004 16:30, Matthew D. Fuller wrote: > On Tue, May 18, 2004 at 07:23:52AM -0700 I heard the voice of > > Randy Bush, and lo! it spake thus: > > >> RFC974 says: > > >> There is one other special case. If the response contains an > > >> answer which is a CNAME RR, it indicates that REMOTE is actually > > >> an alias for some other domain name. The query should be repeated > > >> with the canonical domain name. > > > > > > That covers the intial lookup, meaning that a CNAME pointing to an MX > > > is legal. > > > > no. it means an MX referring to a CNAME which resolves to an A > > Not by my reading. > > The first step for the mailer at LOCAL is to issue a query for MX > RRs for REMOTE. > > [...] > > If the response contains an answer which is a CNAME RR, it > indicates that REMOTE is actually an alias for some other domain > name. The query should be repeated with the canonical domain name. > > which covers the case: > > foo IN CNAME bar > bar IN MX 10 mail > mail IN A 127.0.0.1 > > > not the case: > > foo IN MX 10 bar > bar IN CNAME mail > > ---------------- > > But, as I came across in a completely seperate quest (today is Bizarre > Coincidence Day, boys and girls!), see RFC2181 =A710.3: > > The domain name used as the value of a NS resource record, or part > of the value of a MX resource record must not be an alias. > > Of course, 2181 is a _Proposed_ Standard, for whatever value you may > choose to assign to that classification. I found this in rfc 974 under 'Minor Special Issues' [...] Note that the algorithm to delete irrelevant RRs breaks if LOCAL has a alias and the alias is listed in the MX records for REMOTE. (E.g. REMOTE has an MX of ALIAS, where ALIAS has a CNAME of LOCAL). This can be avoided if aliases are never used in the data section of MX RRs. [...] Does it describe a situation like this?=20 IN NS ns.sample.org. IN MX 10 mail foo IN A 192.168.1.1 ns IN CNAME foo mail IN CNAME foo =2D-=20 Christian Hiris <4711@chello.at> | OpenPGP KeyID 0x941B6B0B=20 OpenPGP-Key at hkp://wwwkeys.eu.pgp.net and http://pgp.mit.edu --Boundary-02=_C+oqAZijs1ZBeoH Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBAqo+Ccyi/EZQbawsRAg3qAKCW9zyg5BUB8o1NeCDJVly8ZmgRcgCfeB4h jwuccrKZ8J1n3ACfBTQP5po= =8a29 -----END PGP SIGNATURE----- --Boundary-02=_C+oqAZijs1ZBeoH--