Hi,
I am trying (with no luck) to find out: if a Windows 8 client receives a CNAME record, does Windows 8 understand how to deal with this record? I mean, does the CNAME record result in a second DNS lookup?
Thanks,
Rami
DNS lookups which point to a CNAME record only result in a single lookup from the client end, but technically they're an A record lookup (since the client doesn't know beforehand whether it's an A record or CNAME record they're querying).
Say you have a CNAME record for cname.mydomain.com which points to www.otherdomain.com and that in turn has an A record pointing to 123.123.123.123.
The client queries DNS requesting the A record for cname.mydomain.com. The DNS resolver does the lookup, and discovers that it's a CNAME record. At this point it does a second lookup (without going back to the client) for the IP address of www.otherdomain.com, and then finally once it has that information it passes those details back to the client which it then uses to connect to the relevant resource.
You can see it for yourself. In a cmd prompt if you run nslookup, then type "set q=a", then enter the full CNAME address you're trying to resolve. You'll see the output will appear as:
Name: www.otherdomain.com
Address: 123.123.123.123
Aliases: cname.mydomain.com
I understand that. Assume that the client tries to resolve www.otherdomain.com that has a CNAME cname.otherdomain.com. Instead of letting the resolver do the second lookup, I want to return the CNAME back to the client so it issues a second lookup for that CNAME. Is that possible? Does the CNAME in this case result in issuing a second DNS lookup?
I am trying to work in such scenario for research purpose.
Thanks.
Not sure there's any way to prevent the DNS resolver from doing the second step. Using nslookup you can use:
set q=cname
which will then return the actual CNAME value, but if you try it you'll also see that it returns the resulting A record details as well.
So I guess it depends on how you're doing the query and how you're processing the result. If you explicitly query for the CNAME then yes you can return that, but if you're simply querying the address then it will always automatically handle that at the DNS resolver end. If you're checking the results returned you can determine whether it was an A record or CNAME record since only a CNAME result will include the Aliases entry.
I am sorry, I might have to state the whole picture. I am doing a change to DNS resolver so that it returns the CNAME to the client instead of issuing another query to get the A record.
In this case, the client will receive the CNAME record as an answer to the first query, and I am wondering if the client will be able in such a case to issue another query to resolve the CNAME!
Ahhh, right I see where you're coming from now. I'm afraid I don't know in that case, since it's not the standard expected behaviour from a DNS resolver. Since Windows can manually do a CNAME lookup via nslookup my GUESS would be that the client is capable of doing the second lookup, but whether it will do so or whether the application making the query uses the same mechanism are a different matter, and I don't know.
Since it's not the standard DNS resolver behaviour I imagine this may be a case you'd need to test it and see if it works.
I think this actually is standard behaviour. There is no requirement in the DNS definition for a DNS server to resolve the CNAME it is authoritative for to the A record held on a different system (i.e. a recursive query). If it does return the CNAME and A records, it's just being polite.
As recursive queries aren't a required part of DNS, all clients have the ability to start a new query when they receive a CNAME as the authoritative answer.
Windows DNS has recursion turned on by default but it creates a risk of DoS and DNS poisoning attacks. You should turn it off on DNS servers that do not explicitly need it, especially internet-facing systems.
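The two cases discussed in this thread, a response that carries the CNAME together with the A record and one that carries only the CNAME, can be told apart on the wire. The Python sketch below is an added example, not part of the original posts: it parses a DNS response and reports whether the address is already present or whether the querier must restart the lookup at the alias target. Both responses are constructed from the thread's example names, and all function names are illustrative.

```python
import struct

def read_name(msg, off):
    """Decode the name at off, following compression pointers; return (name, next_off)."""
    labels, end, hops = [], None, 0
    while (n := msg[off]):
        if n & 0xC0 == 0xC0:                       # pointer to an earlier name
            end = end or off + 2
            off, hops = ((n & 0x3F) << 8) | msg[off + 1], hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii").lower())
            off += n + 1
    return ".".join(labels), end or off + 1

def next_step(msg):
    """('address', ip) if the answer is complete, else ('requery', alias target)."""
    ancount = struct.unpack_from("!H", msg, 6)[0]
    name, off = read_name(msg, 12)
    off += 4                                       # skip QTYPE and QCLASS
    cnames, addrs, seen = {}, {}, set()
    for _ in range(ancount):
        owner, off = read_name(msg, off)
        rtype, _, _, rdlen = struct.unpack_from("!HHIH", msg, off)
        if rtype == 5:                             # CNAME: rdata is a name
            cnames[owner] = read_name(msg, off + 10)[0]
        elif rtype == 1:                           # A: rdata is four address bytes
            addrs[owner] = ".".join(map(str, msg[off + 10:off + 14]))
        off += 10 + rdlen
    while name in cnames and name not in seen:     # follow aliases within this response
        seen.add(name)
        name = cnames[name]
    if name in seen:
        raise ValueError("CNAME loop in response")
    if name in addrs:
        return ("address", addrs[name])
    return ("requery", name) if seen else ("nodata", name)

# Constructed responses using the thread's example names (not captured traffic).
def encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\0"

def make_rr(owner, rtype, rdata):
    return owner + struct.pack("!HHIH", rtype, 1, 300, len(rdata)) + rdata

QUESTION = encode_name("cname.mydomain.com") + struct.pack("!HH", 1, 1)
CNAME_RR = make_rr(b"\xc0\x0c", 5, encode_name("www.otherdomain.com"))  # owner -> question
A_RR = make_rr(b"\xc0\x30", 1, bytes([123, 123, 123, 123]))  # owner -> CNAME rdata (offset 48)
CHASED = struct.pack("!6H", 1, 0x8180, 1, 2, 0, 0) + QUESTION + CNAME_RR + A_RR
CNAME_ONLY = struct.pack("!6H", 1, 0x8400, 1, 1, 0, 0) + QUESTION + CNAME_RR
```

`next_step(CHASED)` yields the address directly, while `next_step(CNAME_ONLY)` yields a requery for `www.otherdomain.com`, which is the extra query the client side has to issue when the server does not chase the alias.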