Skip to content

Issue With MR 253 QNAME Minimization

It seems commit 7dc84eaa turned BIND (running in forward-only mode) into recursive-only mode.

A PTR query for 1.0.0.127.in-addr.arpa has the following sequence:


NS arpa
NS in-addr.arpa
NS 127.in-addr.arpa
PTR 1.0.0.127.in-addr.arpa

With DNSSEC validation enabled, the same query has the following sequence:


NS arpa
NS in-addr.arpa
NS 127.in-addr.arpa
PTR 1.0.0.127.in-addr.arpa
DS ARPA
DS IN-ADDR.ARPA
DNSKEY arpa
DS 127.IN-ADDR.ARPA
DNSKEY in-addr.arpa
DS 0.127.IN-ADDR.ARPA
DS 0.0.127.IN-ADDR.ARPA
DS 1.0.0.127.IN-ADDR.ARPA

Same for any other query.

named.conf used for testing:


acl "listen-ports" { 127.0.0.1;10.0.0.10; };
acl "local-net" { 127.0.0.1;10.0.0.0/24; };
options {
 directory "C:\DNS\etc";
 notify no;
 allow-transfer { none; };
 allow-update { none; };
 allow-query-cache { local-net; };
 allow-query { local-net; };
 listen-on { listen-ports; };
 listen-on-v6 { none; };
};
// Forwarders
zone "." IN {
 type forward;
 forwarders { 10.0.0.5; };
 forward only;
};
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information