[Operators] On indirection in SRV record targets

Matthew Wild mwild1 at gmail.com
Mon Sep 21 07:10:10 CDT 2009


2009/9/21 Dave Cridland <dave at cridland.net>:
> On Sat Sep 19 15:24:27 2009, Matthew Wild wrote:
>>
>> According to RFC 2782, SRV record targets are *not* allowed to be
>> "alias" records, this includes CNAMEs and PTRs for example. I just
>> made a change (not yet checked in) to Prosody which (unintentionally)
>> would render domains configured in such a way unreachable. I restarted
>> my server with the new code for testing to find a handful of my
>> contacts can no longer accessible.
>
> Wikipedia has a very good primer on CNAME (and DNAME, its scarier cousin).
>
> I'd particularly refer you to http://mengwong.com/misc/rfc1912-is-wrong.html
> though, which refers to RFC 974:
>
> "
>   Of course, by the robustness
>   principle, domain software should not fail when presented with CNAME
>   chains or loops; CNAME chains should be followed and CNAME loops
>   signalled as an error.
> "
>
> So I'd say that settles your question of what the default should be. :-)
>

I'd read that in the RFC, but I noted that the 'should not' was not
capitalised, and hence really means MAY :)

There are valid reasons for not allowing CNAMEs as targets in SRV
records. You make the requirements in the RFC pointless if you just
pretend they aren't there.

But technical arguments aside, people aren't going to use an IM server
if they can't contact their friends on badlyconfigured.example.net,
over which they have no power to fix. This is what really makes my
mind up. However that won't stop me correcting people who do the Wrong
thing :)

Matthew


More information about the Operators mailing list