check-names settings

Cherney John-CJC030 John.Cherney at motorola.com
Fri Sep 12 21:17:39 UTC 2008 

I'm surprised the check-names option even works. I remember one version
of BIND 9 I played with that logged a message that it didn't recognize
that option. So I took it out. (I wish I could remember what version of
BIND that was.) Now, when I look at BIND 9.3.4, I see that it is
allowed. In searching the web, I've seen various things along the lines
of "it was not in 9.2, but it is in 9.3" and "BIND 9 doesn't need it
because it doesn't check host names by default".  The DNS & BIND book
(4th ed) doesn't mention it in the appendix (p 569, BIND 9 Configuration
File Statements), but it does mention it for BIND 9 in chapter 4,
p76-78. 

So, does BIND 9 use the check-names option? Do I need to put it back in
my named.conf file? 

Thanks!
jwc

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Gregory Hicks
Sent: Friday, September 12, 2008 4:18 PM
To: bind-users at isc.org; plaws at ou.edu
Subject: Re: check-names settings


> Date: Fri, 12 Sep 2008 14:56:56 -0500
> From: Peter Laws <plaws at ou.edu>
> 
> Leonard Mills wrote:
> > check-names master ignore
> > 
> > might well be what you're looking for.  You lose name checking 
> > against the
current standards :-).
> 
> *That's* the question:  what are the standards as BIND sees them?  The

> RFCs referenced in here and in the docs specify what's "official" (or 
> what was official years ago) but that's not necessarily the same as
what BIND does:
> 
> "The rules for legal hostnames / mail domains are derived from RFC 952

> and RFC 821 as modified by RFC 1123." (from BIND docs)
> 
> 
> OK, so just what is derived?  Did they take the rules verbatim?  Or do

> they allow some and not others?  SRV records *require* the underbar, 
> but they aren't mentioned in any of the RFCs above or any posted here
today ...

Well, you're allowed to have an "_" in a DOMAIN name but not in a HOST
name.  And RFC 2782 covers SRV RRs as used in DNS...

(RFC 2782 is available http://www.faqs.org/rfcs/rfc2782.html and
http://www.ietf.org/rfc/rfc2782.txt )

> So the question stands - what do I lose if I choose "check-names slave

> ignore"?
> 
> 
> --
> Peter Laws / N5UWY
> National Weather Center / Network Operations Center University of 
> Oklahoma Information Technology plaws at ou.edu
> ----------------------------------------------------------------------
> - Feedback? Contact my director, Craig Cochell, craigc at ou.edu. Thank 
> you!
> 

-------------------------------------------------------------------
Gregory Hicks                        | Principal Systems Engineer
Cadence Design Systems               | Direct:   408.576.3609
2655 Seely Ave M/S 9A1
San Jose, CA 95134

I am perfectly capable of learning from my mistakes.  I will surely
learn a great deal today.

"A democracy is a sheep and two wolves deciding on what to have for
lunch.  Freedom is a well armed sheep contesting the results of the
decision."

"The best we can hope for concerning the people at large is that they be
properly armed." --Alexander Hamilton

More information about the bind-users mailing list