Sunday, August 2, 2009

New MaraDNS and Deadwood snapshots

I've released a new MaraDNS and Deadwood snapshot today.

In the MaraDNS snapshot, I have further improved the heuristics for determining what value to have for RA (The DNS "Recursion available" bit). The RA bit is, quite frankly, a bit the DNS spec should never of had. It doesn't supply any really useful information.

An issue someone reported a couple of years ago is that some brain-dead embedded DNS caches actually look at the RA bit and won't accept recursive responses unless RA is set to one. So I spent a couple of days patching the MaraDNS source code to have RA be set for recursive replies.

Another issue reported on the MaraDNS mailing list is that the brain-dead AFNIC (.fr domains) looks at the RA bit returned by a server and doesn't allow a domain to be registered if RA is set but the IP in question isn't allowed to make recursive queries.

So, I've further refined things so that the AR bit is not set if the user hasn't enabled recursion (or if MaraDNS is compiled without recursive support via "./configure --authonly; make"). This allows people registering .fr domains with MaraDNS to have a way to register their domain (make sure the MaraDNS server serving the .fr domain doesn't have recursion enabled).

So, yeah, this issue should be resolved. I now need to set up some automated tests to make sure things still work for people using MaraDNS with brain-dead DNS implementations that refuse recursive answers without the RA bit set.

I've also updated Deadwood (the recursive resolver for the future MaraDNS 2.0 release) today; a small bugfix: Resource records would not rotate if the TTL was greater than about a day (1/256 of a year, to be precise).

The MaraDNS snapshot can be seen here and the Deadwood snapshot here