313
316
13. I feel that XXX feature should be added to MaraDNS
315
There are currently no plans to implement new features in MaraDNS. The
316
reason for this is because, bottom line, MaraDNS has failed to make my
317
resume impressive enough for me to easily get a job in today's job market.
319
Both the BIND and NSD name servers were developed by having the
320
programmers paid to work on the programs. PowerDNS was originally
321
commercial software with the author only reluctantly made GPL after seeing
322
that the market for a commercial DNS server is very small. All of the
323
other DNS servers which have been developed as hobbyist projects (Posadis,
324
Pdnsd, and djbdns) are no longer being actively worked on by the primary
327
If I were to work on MaraDNS again, it will be a complete rewrite in C++;
328
if I can get C++ on my resume, I may be able to get a job more easily.
330
Like anything else, this is not absolute. For example, if I see a large
331
MaraDNS community and a strong demand for new features from that
332
community, I will change my mind. Should ipv6 start to become dominant, I
333
will update MaraDNS to have full ipv6 support. Should some other
334
technology come along that will require an update to MaraDNS for MaraDNS
335
to continue to function as a DNS server, I may update MaraDNS to use that
318
The only thing that will convince me to implement a given feature for
319
MaraDNS is cold, hard cash. If you want me to keep a given feature
320
proprietary, you better have lots of cold hard cash. If you're willing to
321
opensource your feature, less cash should be sufficient.
323
Keep in mind that both the BIND and NSD name servers were developed by
324
having the programmers paid to work on the programs. PowerDNS was
325
originally commercial software with the author only reluctantly made GPL
326
after seeing that the market for a commercial DNS server is very small.
327
All of the other DNS servers which have been developed as hobbyist
328
projects (Posadis, Pdnsd, and djbdns) are no longer being actively worked
329
on by the primary developer.
331
I plan on someday adding standards-compliant BIND zone file support. After
332
that, I may even add real DNS slave support.
334
If I see a large MaraDNS community and a strong demand for new features
335
from that community, I will consider their wishes. Especially if some of
336
the members of the community have large bank accounts. Should ipv6 start
337
to become dominant, I will update MaraDNS to have full ipv6 support.
338
Should some other technology come along that will require an update to
339
MaraDNS for MaraDNS to continue to function as a DNS server, I may very
340
well update MaraDNS to use that technology.
338
342
14. I feel that MaraDNS should use another documentation format
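Review bot: The new answer to question 13 contradicts itself. It opens with "The only thing that will convince me to implement a given feature for MaraDNS is cold, hard cash", yet a later added paragraph announces plans for "standards-compliant BIND zone file support" and "real DNS slave support" with no payment condition attached. State which of the two governs, for example by presenting the zone file and slave work as already-planned exceptions. The carried-over phrase "with the author only reluctantly made GPL" is also ungrammatical; "which the author only reluctantly released under the GPL" would read correctly.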
595
599
no_cname_warnings = 1
597
601
Information about how to get MaraDNS to resolve dangling CNAME records is
598
in the tutorial file dangling.html
602
in the tutorial file dangling.html
604
I have a NS delegation, and MaraDNS is doing strange things.
606
In the case of there being a NS delegation, MaraDNS handles recursive
607
queries and non-recursive DNS queries differently. Basically, unless you
608
use askmara with the -n option, dig with the +norecuse option, or nslookup
609
with the -norec option, MaraDNS will try to recursively resolve the record
612
The thinking is this: A normal recursive DNS query is usually one where
613
one wants to know the final DNS output. So, if MaraDNS delegates a given
614
record to another DNS server, and gets a recursive request for said query,
615
MaraDNS will recursively resolve the query for you.
617
For example, let us suppose we have a mararc file that looks like this:
619
chroot_dir = "/etc/maradns"
620
ipv4_bind_addresses = "10.1.2.3"
621
chroot_dir = "/etc/maradns"
622
recursive_acl = "127.0.0.1/8, 10.0.0.0/8"
624
csv2["example.com."] = "db.example.com"
626
And a db.example.com file that looks like this:
628
www.example.com. 10.1.2.3
629
joe.example.com. NS ns.joe.example.com.
630
ns.joe.example.com. A 10.1.2.4
632
Next, you are trying to find out why www.joe.example.com is not resolving.
633
If you naively send a query to 10.1.2.3 for www.joe.example.com as askmara
634
Awww.joe.example.com. 10.1.2.3 or as dig @10.1.2.3 www.joe.example.com. or
635
as nslookup www.joe.example.com. 10.1.2.3, you will not get any
636
information that will help you solve the problem, since 10.1.2.3 will try
637
to contact 10.1.2.4 to resolve www.joe.example.com.
639
The solution is to run your DNS query client thusly:
641
* Askmara would be run thusly:
643
askmara -n Awww.joe.example.com. 10.1.2.3
645
* Dig would be run thusly:
647
dig +norecurse @10.1.2.3 www.joe.example.com
649
* Nslookup would be run thusly:
651
nslookup -norec www.joe.example.com 10.1.2.3
653
This will allow you to see that packets MaraDNS actually sends to a
654
recursive DNS server.
656
As an aside, this particular problem will not happen if MaraDNS is run
657
only as an authoritative nameserver.
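Review bot: The first paragraph of the new NS delegation entry spells the dig option "+norecuse", while the command shown further down is "dig +norecurse @10.1.2.3 www.joe.example.com"; correct the prose so it matches the command. In the sample mararc, chroot_dir = "/etc/maradns" appears twice. In the sample zone, www.example.com. is given no record type while ns.joe.example.com. is written with an explicit A, so the example should use one form throughout. In the closing sentence, "see that packets" should read "see the packets".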
603
662
newlines (as opposed to DOS or UNIX newlines), while the file will parse,
604
663
any errors in the file will be reported as being on line 1.
606
The maximum allowed number of threads is 125; this is a hard limit because
607
there may be problems with some pthreads implementations causing MaraDNS
608
to hang if this number is higher.
665
The maximum allowed number of threads is 5000.
610
667
The system startup script included with MaraDNS assumes that the only
611
668
MaraDNS processes running are started by the script; it stops all MaraDNS
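Review bot: Raising the documented maximum from 125 to 5000 threads drops the removed rationale ("there may be problems with some pthreads implementations causing MaraDNS to hang if this number is higher") without saying whether that concern still applies. The same text states that MaraDNS spawns a new thread for every recursive request not in its cache, so this number bounds how many threads a burst of uncached queries can create. The replacement line should say whether 5000 is still a hard limit and what changed for the pthreads implementations that motivated the old cap.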
640
697
MaraDNS does not use the zone file ("master file") format specified in
641
698
chapter 5 of RFC1035.
643
If a wildcard MX record exists in the form "*.example.com", and there is
644
an A record for "www.example.com", but no MX record for "www.example.com",
645
the correct behavior (based on RFC1034 S4.3.3) is to return "no host"
646
(nothing in the answer section, SOA in the authority section, 0 result
647
code) for a MX request to "www.example.com". Instead, MaraDNS returns the
648
MX record attached to "*.example.com".
700
MaraDNS default behavior with star records is not RFC-compliant. In more
701
detail, if a wildcard MX record exists in the form "*.example.com", and
702
there is an A record for "www.example.com", but no MX record for
703
"www.example.com", the correct behavior (based on RFC1034 S4.3.3) is to
704
return "no host" (nothing in the answer section, SOA in the authority
705
section, 0 result code) for a MX request to "www.example.com". Instead,
706
MaraDNS returns the MX record attached to "*.example.com". This can be
707
changed by setting bind_star_handling to 1.
650
709
Star records (what RFC1034 calls "wildcards") can not be attached to NS
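Review bot: The added sentence "This can be changed by setting bind_star_handling to 1" does not say where bind_star_handling is set or what its default value is; name the file and the default so the entry stands on its own. "MaraDNS default behavior" should also be possessive ("MaraDNS' default behavior"), matching "MaraDNS' cache" elsewhere in the same text.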
676
735
MaraDNS, like every other known DNS implementation, only supports a
677
736
QDCOUNT of 0 or 1.
679
MaraDNS does not send more than one DNS packet to a given DNS server when
680
processing a DNS request; this is not a serious problem because most
681
client implementations send multiple DNS packets to a recurisve DNS server
682
when processing a DNS request.
684
738
MaraDNS spawns a new thread for every single recursive DNS request when
685
739
the data in question is not in MaraDNS' cache; this makes MaraDNS an
686
740
excellent stress tester for pthread implementations. Many pthread
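Review bot: The paragraph beginning "MaraDNS does not send more than one DNS packet to a given DNS server" is deleted with nothing in its place, so a reader cannot tell whether retransmission is now implemented or the limitation is simply no longer listed. If the behaviour changed, add a sentence describing the new retry behaviour; if it did not, keep the entry.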
714
765
MaraDNS only has limited authoritative-only support for IPv6.
716
MaraDNS generally does not support any DNS features which are not present
717
in RFC1034 and RFC1035. The exceptions are the ability to decompress some
718
RRs not in RFC1035, and zone file support for AAAA records (RFC 1886) and
719
SRV records (RFC 2052).
721
767
MaraDNS only allows wildcards at the beginning or end of a host name. E.g.
722
768
names with wildcards like "foo.*.example.com". "www.*" will work, however,
723
769
if a default zonefile is set up.
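Review bot: Deleting the paragraph "MaraDNS generally does not support any DNS features which are not present in RFC1034 and RFC1035" also removes the only statement in these lines about zone file support for AAAA records (RFC 1886) and SRV records (RFC 2052), leaving just "limited authoritative-only support for IPv6" above it. If the general restriction no longer holds, replace it with a statement of what is supported rather than removing it outright.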
760
806
example, he provided invaluable assistance in getting MaraDNS to compile
761
807
on Solaris. In addition, he has provided much valuable SQA help.
763
Thomas Seyrat has provided French translations of the MaraDNS
766
809
Christian Kurz, who has provided invaluable bug reports, especially when I
767
810
had to re-implement the core hashing algorithm.
799
842
these programmers making the code public domain, which is the only license
800
843
under which I can add code to MaraDNS under.
845
Ross Johnson and others have made a Win32 port of the Pthreads library;
846
this has made a native win32 port of MaraDNS possible.
802
848
I also appreciate the work of Dr. Brian Gladman and Fritz Schneider, who
803
849
have both written independent implementations of AES from which I obtained
804
850
test vectors. With the help of their hard work, I was able to discover a
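Review bot: The two added lines write the platform name as both "Win32" and "win32" ("a Win32 port of the Pthreads library", "a native win32 port of MaraDNS"); pick one spelling and use it in both places.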