Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.



Getting CNAME and A record reply

New Member
Posts: 2
1392     0

Hello Community,

I'm trying to find a solution to a DNS issue. I currently use an Internet hierarchical system based on Root and TLD Servers to resolve our namespace.

Now I want to resolve a CNAME record pointing to a fqdn hosted in a private zone (root and TLDs doesn't know this zone).

When DNS client send the request to Resolver, this server can get both, the CNAME and associated A record. Nevertheless, it doesn't reply to the DNS client with the A record, it just replies with the CNAME one.


This is the request - reply sequence:


DNS Client to Resolver -> Request: ¿who is

Resolver to Root -> Rquest: Who is NS for .corp? Root -> Reply: .corp NS

Resolver to .corp NS -> Request: Who is NS for company.corp? Reply: .company.corp NS

Resolver to .company.corp NS -> Request: Who is Reply: CNAME: / A:

Resolver to DNS Client -> Reply: CNAME: (but not the A Record. Why?)


I need Resolver replies to DNS Client with the A record and not with the CNAME one. I've tried change the Resolver configuration using a Conditional forwarding just for that zone (company.corp) but I got same results.




Re: Getting CNAME and A record reply

New Member
Posts: 2
1392     0



by any change your resolver is Infoblox? in this case you will need to enable the "Return Minimal Response" on Infoblox member. It will respond with the question and answer section along with authority and an additional section.

Specifying Minimal Responses - NIOS Admin Guide - Infoblox Documentation Portal

Showing results for 
Search instead for 
Did you mean: 

Recommended for You