From 3ddb0792bb1eded8d56c053247abef741499fab3 Mon Sep 17 00:00:00 2001
From: Ian Gulliver <ian@flamingcow.tv>
Date: Mon, 15 Apr 2019 02:12:33 +0000
Subject: [PATCH] Confusing BIND with CNAMEs

---
 2009-09-11-confusing-bind-with-cnames.html    | 19 +++++++++++++++++++
 index.html                                    |  1 +
 .../2009-09-11-confusing-bind-with-cnames.md  | 17 +++++++++++++++++
 markdown/index.md                             |  1 +
 4 files changed, 38 insertions(+)
 create mode 100644 2009-09-11-confusing-bind-with-cnames.html
 create mode 100644 markdown/2009-09-11-confusing-bind-with-cnames.md

diff --git a/2009-09-11-confusing-bind-with-cnames.html b/2009-09-11-confusing-bind-with-cnames.html
new file mode 100644
index 0000000..1ab02b3
--- /dev/null
+++ b/2009-09-11-confusing-bind-with-cnames.html
@@ -0,0 +1,19 @@
+<!--# set var="title" value="Confusing BIND with CNAMEs" -->
+<!--# set var="date" value="September 11, 2009" -->
+
+<!--# include file="include/top.html" -->
+
+<p>Given the zone:</p>
+
+<pre><code>subdomain IN NS nameserver
+nameserver IN CNAME nameserver.otherserver
+</code></pre>
+
+<p>in a BIND server that is both recursive and authoritative, requests without RD (recursion desired) return the NS record, while requests with RD return SERVFAIL. Changing it to:</p>
+
+<pre><code>subdomain IN NS nameserver.otherserver
+</code></pre>
+
+<p>fixes the problem, though both resolution trees are perfectly valid.</p>
+
+<!--# include file="include/bottom.html" -->
diff --git a/index.html b/index.html
index 335c945..8d10d0d 100644
--- a/index.html
+++ b/index.html
@@ -20,6 +20,7 @@
 <li>2016-Feb-15: <a href="2016-02-15-cable-modem-channel-party.html">Cable modem channel party</a></li>
 <li>2016-Feb-01: <a href="2016-02-01-how-to-enrage-your-cable-modem.html">How to enrage your cable modem</a></li>
 <li>2016-Feb-01: <a href="2016-02-01-hall-of-2-4-ghz-shame-2016-edition.html">Hall of 2.4 GHz Shame, 2016 Edition</a></li>
+<li>2009-Sep-11: <a href="2009-09-11-confusing-bind-with-cnames.html">Confusing BIND with CNAMEs</a></li>
 <li>2009-Feb-19: <a href="2019-02-19-the-odd-case-of-my-mugging.html">The odd case of my mugging</a></li>
 <li>2009-Feb-03: <a href="2009-02-03-5-packet-tcp-connection.html">5-packet TCP connection?</a></li>
 </ol>
diff --git a/markdown/2009-09-11-confusing-bind-with-cnames.md b/markdown/2009-09-11-confusing-bind-with-cnames.md
new file mode 100644
index 0000000..df339c7
--- /dev/null
+++ b/markdown/2009-09-11-confusing-bind-with-cnames.md
@@ -0,0 +1,17 @@
+<!--# set var="title" value="Confusing BIND with CNAMEs" -->
+<!--# set var="date" value="September 11, 2009" -->
+
+<!--# include file="include/top.html" -->
+
+Given the zone:
+
+	subdomain IN NS nameserver
+	nameserver IN CNAME nameserver.otherserver
+
+in a BIND server that is both recursive and authoritative, requests without RD (recursion desired) return the NS record, while requests with RD return SERVFAIL. Changing it to:
+
+	subdomain IN NS nameserver.otherserver
+
+fixes the problem, though both resolution trees are perfectly valid.
+
+<!--# include file="include/bottom.html" -->
diff --git a/markdown/index.md b/markdown/index.md
index dd9150a..b66f93c 100644
--- a/markdown/index.md
+++ b/markdown/index.md
@@ -19,6 +19,7 @@
 1. 2016-Feb-15: [Cable modem channel party](2016-02-15-cable-modem-channel-party.html)
 1. 2016-Feb-01: [How to enrage your cable modem](2016-02-01-how-to-enrage-your-cable-modem.html)
 1. 2016-Feb-01: [Hall of 2.4 GHz Shame, 2016 Edition](2016-02-01-hall-of-2-4-ghz-shame-2016-edition.html)
+1. 2009-Sep-11: [Confusing BIND with CNAMEs](2009-09-11-confusing-bind-with-cnames.html)
 1. 2009-Feb-19: [The odd case of my mugging](2019-02-19-the-odd-case-of-my-mugging.html)
 1. 2009-Feb-03: [5-packet TCP connection?](2009-02-03-5-packet-tcp-connection.html)