check-names fail
Bob Vance
bobvance at alumni.caltech.edu
Sun Jan 14 15:55:59 UTC 2001
Yes. I'm sure:
=======================
config files:
grep check-names /etc/named.conf
check-names master fail;
// check-names master warn;
linux1# (cd $LOCAL/named/p1/.pri ; grep _ * )
incl.vance:test_under IN A 192.168.1.80 ; bad_char_in_name RR
=======================
=======================
Testing: 8.2.2-p7
=======================
linux1# ndc stop
Shutdown initiated.
linux1# $LOCAL/src/bind/bind-8.2.2-p7/instdir/usr/sbin/named #
start -p7
linux1# grep -E 'starting|Ready|test_under' /var/log/messages
...
Jan 14 10:04:23 linux1 named[19789]: starting. named 8.2.2-P7 Sat Jan
13
Jan 14 10:04:23 linux1 named[19789]: owner name "test_under.vance" IN
(primary)
is invalid - rejecting
Jan 14 10:04:23 linux1 named[19790]: Ready to answer queries.
Check cache:
linux1# rm /var/tmp/named_dump.db
linux1# ndc dumpdb ; grep ORIGIN /var/tmp/named_dump.db
Database dump initiated.$ORIGIN .
...
$ORIGIN vance.
$ORIGIN dynamic.vance.
$ORIGIN home.sbm.com.
$ORIGIN vance.home.sbm.com.
$ORIGIN .
$ORIGIN ROOT-SERVERS.NET.
You can see that the "vance." zone loaded
linux1# ping test_under.vance.
ping: unknown host test_under.vance.
(as expected)
linux1# nslookup bobvl.vance.
...
Non-authoritative answer:
Name: bobvl.dynamic.vance
Address: 192.168.1.23
Aliases: bobvl.vance
linux1# ping bobvl.vance.
PING bobvl.dynamic.vance (192.168.1.23) from 192.168.1.6 : 56(84) bytes.
64 bytes from 192.168.1.23: icmp_seq=0 ttl=128 time=2.0 ms
...
!!!!!!!!!!!!!!!!!!!!!
So the zone loaded and is returning Non-authoritative (but correct :)
answers
for everything other than the rejected records.
!!!!!!!!!!!!!!!!!!!!!
=======================
Testing: 8.2.3T9B
=======================
linux1# ndc stop
Shutdown initiated.
linux1# $LOCAL/src/bind/bind-8.2.3T9B/instdir/usr/sbin/named start
8.2.3T9B
linux1# grep -E 'starting|Ready|test_under' /var/log/messages
...
Jan 14 10:26:29 linux1 named[19924]: starting (/etc/named.conf).
named 8.2.3-T9B Fri Jan 12 22:04:58 EST 2001
Jan 14 10:26:29 linux1 named[19924]: owner name "test_under.vance" IN
(primary)
is invalid - rejecting
Jan 14 10:26:29 linux1 named[19925]: Ready to answer queries.
linux1# ping test_under.vance.
ping: unknown host test_under.vance.
(again, as expected)
But!!!
linux1# rm /var/tmp/named_dump.db
linux1# ndc dumpdb ; grep ORIGIN /var/tmp/named_dump.db
Database dump initiated.
$ORIGIN .
$ORIGIN ROOT-SERVERS.NET.
$ORIGIN in-addr.arpa.
$ORIGIN 168.192.in-addr.arpa.
$ORIGIN 2.168.192.in-addr.arpa.
$ORIGIN 1.168.192.in-addr.arpa.
$ORIGIN 0.127.in-addr.arpa.
$ORIGIN 0.0.127.in-addr.arpa.
$ORIGIN 1.168.192.dynamic.in-addr.arpa.
$ORIGIN .
$ORIGIN ROOT-SERVERS.NET.
The ".vance" zone did not load at all,
and
linux1# nslookup bobvl.vance.
...
*** joe can't find bobvl.vance.: Non-existent host/domain
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
So,
8.2.3T9B rejects the entire zone
while 8.2.2-p7 rejects only the record (same for p5)
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
-------------------------------------------------
Tks | <mailto:BVance at sbm.com>
BV | <mailto:BobVance at alumni.caltech.edu>
Sr. Technical Consultant, SBM, A Gates/Arrow Co.
Vox 770-623-3430 11455 Lakefield Dr.
Fax 770-623-3429 Duluth, GA 30097-1511
=================================================
-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
Behalf Of Vik Heyndrickx
Sent: Saturday, January 13, 2001 7:00 PM
To: comp-protocols-dns-bind at moderators.isc.org
Subject: Re: check-names fail
"Bob Vance" <bobvance at alumni.caltech.edu> schreef in bericht
news:93q7mh$608 at pub3.rc.vix.com...
> With
> check-names master fail;
>
> both 8.2.2-p5 and p7, simply reject an offending record and
> continue to load the zone and answer non-authoritatively for the
> rest of the names.
> 8.2.3T9B, however, rejects the entire zone!!
Are you sure? My 8.2.2-P7 rejects the zone too (as it should). Don't
know
about P5.
--
Vik
More information about the bind-users
mailing list