If we're looking in the cache for NS for a forwarded name, we

can cut off the search at the forwarding domain.

I'm not sure if I like the added complexity...

diff --git a/pdns/syncres.cc b/pdns/syncres.cc
index ce6a5fe419a72a0932e5ef2486f5796d4a211edd..2b06197fecbf0b491d8567d7dedad0f3b3aa0022 100644 (file)
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -725,17 +725,23 @@ int SyncRes::doResolve(const DNSName &qname, const QType &qtype, vector<DNSRecor
     for (int tries = 0; tries < 2 && bestns.empty(); ++tries) {
       bool flawedNSSet = false;
       set<GetBestNSAnswer> beenthereIgnored;
-      getBestNSFromCache(nsdomain, qtype, bestns, &flawedNSSet, depth, beenthereIgnored);
+      getBestNSFromCache(nsdomain, qtype, bestns, &flawedNSSet, depth, beenthereIgnored, forwarded ? fwdomain : g_rootdnsname);
+      if (forwarded) {
+        break;
+      }
     }
 
     if (bestns.size() == 0) {
-      // Something terrible is wrong
-      QLOG("Step1 No ancestor found return ServFail");
-      return RCode::ServFail;
+      if (!forwarded) {
+        // Something terrible is wrong
+        QLOG("Step1 No ancestor found return ServFail");
+        return RCode::ServFail;
+      }
+    } else {
+      QLOG("Step1 Ancestor from cache is " << bestns[0].d_name);
     }
-    QLOG("Step1 Ancestor from cache is " << bestns[0].d_name);
-
-    const DNSName& ancestor(!forwarded || bestns[0].d_name.isPartOf(fwdomain) ? bestns[0].d_name : fwdomain);
+    const DNSName& ancestor(!forwarded || (bestns.size() > 0 && bestns[0].d_name.isPartOf(fwdomain)) ?
+                            bestns[0].d_name : fwdomain);
     if (forwarded) {
       QLOG("Step1 Final Ancestor (using forwarding info) is " << ancestor);
     }
@@ -1110,7 +1116,7 @@ vector<ComboAddress> SyncRes::getAddrs(const DNSName &qname, unsigned int depth,
   return ret;
 }
 
-void SyncRes::getBestNSFromCache(const DNSName &qname, const QType& qtype, vector<DNSRecord>& bestns, bool* flawedNSSet, unsigned int depth, set<GetBestNSAnswer>& beenthere)
+void SyncRes::getBestNSFromCache(const DNSName &qname, const QType& qtype, vector<DNSRecord>& bestns, bool* flawedNSSet, unsigned int depth, set<GetBestNSAnswer>& beenthere, const DNSName& cutOffDomain)
 {
   string prefix;
   DNSName subdomain(qname);
@@ -1121,6 +1127,9 @@ void SyncRes::getBestNSFromCache(const DNSName &qname, const QType& qtype, vecto
   bestns.clear();
   bool brokeloop;
   do {
+    if (!subdomain.isPartOf(cutOffDomain)) {
+      break;
+    }
     brokeloop=false;
     LOG(prefix<<qname<<": Checking if we have NS in cache for '"<<subdomain<<"'"<<endl);
     vector<DNSRecord> ns;

diff --git a/pdns/syncres.hh b/pdns/syncres.hh
index a1dbd8ca554190f7fdbc10a0496545e949b4bd75..ca7154229b901897bd0181b7c9c821b15e60806b 100644 (file)
--- a/pdns/syncres.hh
+++ b/pdns/syncres.hh
@@ -836,7 +836,7 @@ private:
   domainmap_t::const_iterator getBestAuthZone(DNSName* qname) const;
   bool doCNAMECacheCheck(const DNSName &qname, const QType &qtype, vector<DNSRecord>&ret, unsigned int depth, int &res, vState& state, bool wasAuthZone, bool wasForwardRecurse);
   bool doCacheCheck(const DNSName &qname, const DNSName& authname, bool wasForwardedOrAuthZone, bool wasAuthZone, bool wasForwardRecurse, const QType &qtype, vector<DNSRecord>&ret, unsigned int depth, int &res, vState& state);
-  void getBestNSFromCache(const DNSName &qname, const QType &qtype, vector<DNSRecord>&bestns, bool* flawedNSSet, unsigned int depth, set<GetBestNSAnswer>& beenthere);
+  void getBestNSFromCache(const DNSName &qname, const QType &qtype, vector<DNSRecord>&bestns, bool* flawedNSSet, unsigned int depth, set<GetBestNSAnswer>& beenthere, const DNSName& cutOffDomain = g_rootdnsname);
   DNSName getBestNSNamesFromCache(const DNSName &qname, const QType &qtype, NsSet& nsset, bool* flawedNSSet, unsigned int depth, set<GetBestNSAnswer>&beenthere);
 
   inline vector<std::pair<DNSName, float>> shuffleInSpeedOrder(NsSet &nameservers, const string &prefix);