Skip to content

DNAME record returned with query domain name instead of actual name

Hello Team,

Consider the following zone file:
test. 500 SOA ns1.campus.edu. root.campus.edu. 3 86400 7200 604800 300
test. 500 NS ns1.outside.edu.
*.test. 500 DNAME some.domain.

Wildcard DNAMEs are discouraged by RFC 6672, but if somehow a user creates such a zone, then Knot behavior is different from Bind, NSD and PowerDNS.

All the four implementations' pre-processors like kzonecheck raise no warnings and accept the zone file.

For the query <a.*.test., CNAME> Bind, PowerDNS and NSD responds as following:

          "rcode NOERROR",
          "flags QR AA",
          ";QUESTION",
          "a.*.test. IN CNAME",
          ";ANSWER",
          "*.test. 500 IN DNAME some.domain.",
          "a.*.test. 500 IN CNAME a.some.domain.",
          ";AUTHORITY",
          "test. 500 IN NS ns1.outside.edu.",
          ";ADDITIONAL"

but Knot responds as follows:

          "rcode NOERROR",
          "flags QR AA",
          ";QUESTION",
          "a.*.test. IN CNAME",
          ";ANSWER",
          "a.*.test. 500 IN DNAME some.domain.",
          "a.*.test. 500 IN CNAME a.some.domain.",
          ";AUTHORITY",
          ";ADDITIONAL"

The returned DNAME record is replaced by the query name instead of the original record name.

I'm filing it as an issue to document as there is some behavior difference between Knot and others.

Thanks, Siva