On Thu Dec 20 2007 at 14:28:34 CET, Duane wrote:

> > 2. Disallow adding CNAME and other data. It kills BIND zone transfers ;-)
> 
> Why does it? Wouldn't it be better to fix whatever real problem exists
> than glossing over them and denying users full DNS functionality?

RFC 1034, section 3.6.2 specifies: "If a CNAME RR is present at a
node, no other data should be present"

If other data (say an A RR) is present, BIND refuses (correctly) to
transfer the zone.

> For what it's worth, I haven't noticed any problems with zone transfers.

I certainly have, in cases where users erroneously add a CNAME to a
record that already exists. BIND tries again and again, and then of
course, expires the zone. 

        -JP
_______________________________________________
Pdns-users mailing list
[email protected]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
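
A check for the condition described in this message, written as an added example that is not part of the original post or of PowerDNS: it flags every owner name that holds a CNAME together with other data, so the record can be rejected before a secondary tries to transfer the zone. The `(name, type, content)` tuple layout and the sample zone are constructed; the RRSIG/NSEC exemption and the duplicate-CNAME check go beyond the message and are assumptions taken from the later DNSSEC RFCs and RFC 2181.

```python
from collections import defaultdict

# Assumption beyond the message: in signed zones RRSIG and NSEC may sit next to a CNAME.
DNSSEC_OK = {"RRSIG", "NSEC"}


def normalize(name):
    """DNS names compare case-insensitively; the trailing root dot is optional."""
    return name.rstrip(".").lower()


def cname_conflicts(records):
    """Return {owner: [conflicting types]} for nodes that break RFC 1034 section 3.6.2.

    records: iterable of (owner_name, rr_type, content) tuples (constructed layout).
    """
    rrs_at = defaultdict(set)
    for name, rtype, content in records:
        rrs_at[normalize(name)].add((rtype.upper(), content.lower()))

    conflicts = {}
    for name, rrs in rrs_at.items():
        targets = {content for rtype, content in rrs if rtype == "CNAME"}
        if not targets:
            continue  # no CNAME at this node, nothing to check
        others = sorted({t for t, _ in rrs if t != "CNAME" and t not in DNSSEC_OK})
        if len(targets) > 1:
            others.append("CNAME (multiple targets)")
        if others:
            conflicts[name] = others
    return conflicts


# Constructed sample zone: "www" already has an A record when a CNAME is added.
SAMPLE_ZONE = [
    ("example.org.", "SOA", "ns1.example.org. hostmaster.example.org. 1 3600 600 86400 3600"),
    ("example.org.", "NS", "ns1.example.org."),
    ("www.example.org.", "A", "192.0.2.10"),
    ("WWW.example.org", "CNAME", "web.example.org."),  # the erroneous addition
    ("web.example.org.", "A", "192.0.2.20"),
    ("ftp.example.org.", "CNAME", "web.example.org."),  # CNAME alone: fine
    ("mail.example.org.", "CNAME", "web.example.org."),
    ("mail.example.org.", "RRSIG", "CNAME 8 3 3600 (constructed signature)"),
]

if __name__ == "__main__":
    for owner, types in cname_conflicts(SAMPLE_ZONE).items():
        print(f"{owner}: CNAME coexists with {', '.join(types)}")
```
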