While I should have been doing something else, I made a rather long CNAME
chain. When I looked up chain.examp1e.com it got SERVFAIL, but after I
warmed up my cache five links at a time by looking for chain5, chain10,
chain15, and so forth, it worked. At least it worked in "dig" and "host".
When I try and look up http://chain.examp1e.com, Chrome waits a while
and says not found,
If Chrome is using its built-in stub, there's not expected to be a limit
(other than the overall message size limits), but nothing tests chains this
long other than security fuzzers that are only looking for crashes or
memory issues.
On my Mac, I get surprisingly consietent browser results. In Chrome,
Firefox, and Safari, chain10.examp1e.com works, chain11.examp1e.com fails
slowly. From the TTLs I get from dig, it appears that none of them are
using the resolver to follow the CNAME chains. For Firefox I have the
canary domain blocked so I dunno what it is doing.
chain12.examp1e.com. 3449 IN CNAME chain11.examp1e.com.
chain11.examp1e.com. 3486 IN CNAME chain10.examp1e.com.
chain10.examp1e.com. 3455 IN CNAME chain9.examp1e.com.
chain9.examp1e.com. 3455 IN CNAME chain8.examp1e.com.
chain8.examp1e.com. 3455 IN CNAME chain7.examp1e.com.
chain7.examp1e.com. 3455 IN CNAME chain6.examp1e.com.
chain6.examp1e.com. 3455 IN CNAME chain5.examp1e.com.
chain5.examp1e.com. 3455 IN CNAME chain4.examp1e.com.
chain4.examp1e.com. 3455 IN CNAME chain3.examp1e.com.
chain3.examp1e.com. 3455 IN CNAME chain2.examp1e.com.
chain2.examp1e.com. 3455 IN CNAME chain1.examp1e.com.
chain1.examp1e.com. 3466 IN CNAME chain0.examp1e.com.
chain0.examp1e.com. 3460 IN A 64.57.183.119
Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
