Subject: [SR-Users] Iterative DNS resolution by enum module ? Date: Wed, Apr 22, 2015 at 11:36:56AM +0200 Quoting jyaim (jyaime@gmail.com):

Hello everyone,

Do you know if the kamailio enum module is able to process 'recursives' dns requests in case of CNAME or NS response, until a NAPTR answer is returned ?

For NS, any recursive resolver does that.

For CNAME, beware. CNAME is dominant; on a node in the DNS tree where there is a CNAME, no other record can be present. Of course, it is entirely possible to have:

fancy.domain.tel. CNAME standard.domain.tel.

and then put for instance:

standard.domain.tel. NAPTR 10 0 "S" "SIP+D2U" "" _sip._udp.telco.tel

What is explicitly forbidden is this:

fancy.domain.tel. IN SOA strowger.axe.tel. root.tel. 17 .... fancy.domain.tel. IN CNAME lame.web.host. www.fancy.domain.tel. IN CNAME lame.web.host.

Look here for something that does work:

$ dig fancy.sub.besserwisser.org NAPTR

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> fancy.sub.besserwisser.org NAPTR ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2322 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION: ;fancy.sub.besserwisser.org. IN NAPTR

;; ANSWER SECTION: fancy.sub.besserwisser.org. 27 IN CNAME simple.sub.besserwisser.org. simple.sub.besserwisser.org. 27 IN NAPTR 10 0 "S" "SIP+D2U" "" _sip._udp.boring.sub.besserwisser.org.

;; AUTHORITY SECTION: sub.besserwisser.org. 27 IN NS primary.se.

If you query for NAPTR but the resolver encounters a CNAME, it will attempt to follow the redirection and then presents whatever answer or lack thereof back. There is no need to do any resolver functionality in the application layer; the answers are there. Perhaps the code handling the response from the system resolver needs to be updated, but that is another thing.