Subject: [SR-Users] Iterative DNS resolution by enum module ? Date: Wed, Apr 22, 2015 at
11:36:56AM +0200 Quoting jyaim (jyaime(a)gmail.com):
Hello everyone,
Do you know if the kamailio enum module is able to process
'recursives' dns requests in case of CNAME or NS response, until a
NAPTR answer is returned ?
For NS, any recursive resolver does that.
For CNAME, beware. CNAME is dominant; on a node in the DNS tree where
there is a CNAME, no other record can be present. Of course, it is
entirely possible to have:
fancy.domain.tel. CNAME standard.domain.tel.
and then put for instance:
standard.domain.tel. NAPTR 10 0 "S" "SIP+D2U" ""
_sip._udp.telco.tel
What is explicitly forbidden is this:
fancy.domain.tel. IN SOA strowger.axe.tel. root.tel. 17 ....
fancy.domain.tel. IN CNAME lame.web.host.
www.fancy.domain.tel. IN CNAME lame.web.host.
Look here for something that does work:
$ dig
fancy.sub.besserwisser.org NAPTR
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>>
fancy.sub.besserwisser.org
NAPTR
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2322
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;fancy.sub.besserwisser.org. IN NAPTR
;; ANSWER SECTION:
fancy.sub.besserwisser.org. 27 IN CNAME
simple.sub.besserwisser.org.
simple.sub.besserwisser.org. 27 IN NAPTR 10 0 "S" "SIP+D2U"
""
_sip._udp.boring.sub.besserwisser.org.
;; AUTHORITY SECTION:
sub.besserwisser.org. 27 IN NS primary.se.
If you query for NAPTR but the resolver encounters a CNAME, it will
attempt to follow the redirection and then presents whatever answer or
lack thereof back. There is no need to do any resolver functionality in
the application layer; the answers are there. Perhaps the code handling
the response from the system resolver needs to be updated, but that is
another thing.
--
Måns Nilsson primary/secondary/besserwisser/machina
MN-1334-RIPE +46 705 989668
Look! A ladder! Maybe it leads to heaven, or a sandwich!