What's the REAL DEAL with Underscores in BIND8.X?

Kevin Darcy kcd at daimlerchrysler.com
Sat Oct 16 01:46:38 UTC 1999 

Scott Morizot wrote:

> On Fri, 15 Oct 1999, Ray Galuszka wrote:
> > On page 77 in Albitz/Liu's DNS & BIND 3rd Edition, the authors state that
> > underscores are not allowed in hostnames.  However, on the next page they
> > talk about how you can specify either fail, warn or ignore on the
> > check-names option.
> >
> > I have LOTS of underscores in my BIND4.x environment now and we're migrating
> > to BIND8.  I set up our test server to "ignore" on the check-names option
> > and the thing is resolving these names with no problem!
> >
> > The question is: if I set this ignore option and use underscores in
> > hostnames and aliases, what might I break??   It sure beats putting out
> > fires later because some server on my network somewhere expects an
> > underscore that I changed to a hyphen in a hostname.
>
> Underscores in hostnames have always been illegal per RFC 952.
> Versions of BIND before about 4.9.3 simply didn't enforce the
> requirement at all.  (Actually, BIND 4.8 pretty much accepted
> anything.)
>
> Allowing underscores will cause a problem with any software or
> device that expects names to be compliant with RFC952.  Since
> you apparently aren't having a problem now, you may not have
> any at the moment.
>
> The long-term solution is to rename the systems using hyphens
> instead of underscores and create aliases with the underscore.
> Then you can age the aliases off your DNS gradually over time.

What cost-justifications could there possibly be for such a forced
migration? "RFC compliance" doesn't mean a hell of a lot to a beancounter;
where's the money? And we're not talking chump change either: we have over
7,000+ underscored names in our DNS database here, thanks to BIND's longstanding
permissiveness.

Separating underscore-checks from other kinds of name-checking within BIND would
seem to be a far more practical solution to this "problem", at least until
RFC 1035's ban on underscores can be officially obsoleted on the basis that the
stated justification for it -- migration from the HOSTS.TXT file -- has long
since passed.


- Kevin

More information about the bind-users mailing list