Check zones with underscores in host names (A Records)
Kevin Darcy
kcd at chrysler.com
Tue Feb 12 22:27:40 UTC 2008
Mark Andrews wrote:
>>> Date: Tue, 12 Feb 2008 13:11:55 +0200
>>> From: "Haim [Howard] Roman" <roman at jct.ac.il>
>>> To: Jack Tavares <j.tavares at f5.com>, bind-users at isc.org
>>> Subject: Re: Check zones with underscores in host names (A Records)
>>> X-JCT-Whitelist: NO
>>>
>>> We also have to allow underscores (good old Microsoft!). Here is what
>>> we have in our /etc/named.conf:
>>>
>> Underscore in DOMAIN names seem to be OK.
>>
>
> Underscores are illegal in hostnames. You store hostnames
> in the DNS. You also store other types of names in the DNS.
> For some of those other types of names underscores are legal.
>
> !#@!#%$!@#.example.com is a legal domain name.
> Does anyone here think that !#@!#%$!@#.example.com is a legal
> hostname?
>
>
That's a bit of a straw man argument.
The real question is not "are some hostnames illegal?" (obviously some
are) or even "is the set of legal hostnames a *subset* of legal domain
names?". It's "why is BIND even trying to enforce hostname rules when
it's supposed to be a DNS implementation, and the names in question are
legal in DNS?"
I say, leave it to the OS or app layers to distinguish legal from
illegal hostnames. It's none of BINDs business and only adds extra
baggage to the code and configuration, that BIND and its admins don't
need and -- at least for the majority of us, I'd wager -- don't want.
For that matter, how does BIND even know that a given A or AAAA record
is ever going to be *used* as a hostname? Maybe someone is just using
the DNS database as a way to store arbitrary 32-bit or 128-bit chunks of
information...
- Kevin
More information about the bind-users
mailing list