Underscores again

Barr Hibbs rbhibbs at ultraDNS.com
Thu Apr 20 16:19:05 UTC 2000 


> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> Behalf Of Ed Sawicki
> Sent: Thursday, April 20, 2000 2:20 AM
>
> I've been reading the numerous past threads regarding underscore
> characters in DNS names. It seems that most folks here agree that
> underscores are not allowed. However, RFC2181 seems to say
> something different. Here's the paragraph that confuses me.
>
> "The DNS itself places only one restriction on the particular labels
> that can be used to identify resource records.  That one restriction
> relates to the length of the label and the full name.  The length of
> any one label is limited to between 1 and 63 octets.  A full domain
> name is limited to 255 octets (including the separators).  The zero
> length full name is defined as representing the root of the DNS tree,
> and is typically written and displayed as ".".  Those restrictions
> aside, any binary string whatever can be used as the label of any
> resource record.  Similarly, any binary string can serve as the value
> of any record that includes a domain name as some or all of its value
> (SOA, NS, MX, PTR, CNAME, and any others that may be added)."
>
> How should I interpret this?
>
...the use of underscores, non-alphanumeric characters, and non-printable
characters is usually discouraged for several practical reasons:
1.  not all name servers and resolvers have been updated to support names as
defined in RFC2181;
2.  many popular, widely-deployed programs such as sendmail, FTP, and Telnet
(to name a few) DO support binary names in their newer versions, but again,
not all versions deployed are completely up-to-date;
3.  individual applications programs may not be compliant with RFC2181, and
may introduce (sometimes unintentionally) local restrictions on names.

...so, the best advice is to carefully experiment with your local
applications and services, and then expand to remote ones, using names that
contain characters other than 'A'-'Z,' '0'-'9,' and the hyphen ("-")
character.  When you understand where, if any, a problem with names exists,
you can plan a reasonable strategy for upgrading applications and services.

--Barr

More information about the bind-users mailing list