On Wed, Nov 02, 2005 at 05:06:47PM +0000, Paul Howarth wrote: > > > Hmm, that's interesting. Your nameserver appears to be returning bad > > > data, though curiously the first answer was the right one in this case. > > > > No, I don't think so... The address returned is the same as in the > > first query; the answer is correct. I believe the reason the data is > > different is because the first query showed authoritative data that > > the name server looked up, whereas the second query returned > > non-authoritative data that the name server had cached. > > > > There seems to be nothing wrong with this -- the client got the same > > address in both cases. > > No, the answer is wrong in the second case. Dig is a tool for doing > low-level DNS lookups, and the first response indicates that www.uit.no > is an alias for w3s2.uit.no (www.uit.no CNAME w3s2.uit.no in DNS), which > has IP address 129.242.5.89. Tbe second response misses out this > important distinction. Ah yes, I overlooked that, for good reason. While true, we're not talking about mail here... what was asked for using the dig command which was used was an A record, which was supplied. It was the correct address. The user was complaining that there was NO answer.... but that was not the case here. The correct address WAS returned, albeit the CNAME was overlooked. Granted this behavior is a little broken, but it does not account for the OP's problem. It would not prevent wget from fetching the page. > The distinction is important because, if say someone was to try sending > mail to webmaster@xxxxxxxxxx, what *should* happen is that the sender's > MTA should spot the CNAME record and rewrite the address as > webmaster@xxxxxxxxxxx, Well, what is supposed to happen is that the MTA first looks up the MX record for the host that you specified, and THAT is used -- ater that, if no MX record exists, it should do an A lookup and convert CNAMEs. I don't think there's any indication in RFC 1123 that the MTA should then do an MX lookup on the canonicalized host, though this does make some sense. But this is just another example of a good reason not to use CNAMEs. I never use them... they only create problems. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0x81CFE75D
Attachment:
pgp6rLcswLUHt.pgp
Description: PGP signature