Reject of W2K gc._msdcs...

Craig Mason cmason at masontechnology.com
Tue Feb 29 15:55:11 UTC 2000 

Continued testing of this subject.

I could not get my BIND server to write information to any other zone files.
I tried creating the _msdcs.example.com zone, with the check-names - ignore
option... but nothing worked until I allowed the main zone - example.com -
to include the check-names ignore option. Then the "gc" host gets added to
example.com's zone file.

So... as long as example.com accepts names with underscores, the host "gc"
makes it into my master zone file. The format is the same as Barry's (see
below).


As I continued to test, I also found that no zones would accept dynamic
information into their zone files. I created sales.example.com, put an entry
for it in named.conf...

	e.g.
		zone "sales.example.com" {
			type master;
			file "sales.example.db";
			check-names ignore;
			allow-update { all; };
		};


No hosts or W2K services ever make it into the zone file sales.example.db.
I'm wondering what I am doing wrong.


Craig





-----Original Message-----
From: Mark.Andrews at nominum.com [mailto:Mark.Andrews at nominum.com]
Sent: Friday, February 25, 2000 3:00 PM
To: Barry Finkel
Cc: bind-users at isc.org
Subject: Re: Reject of W2K gc._msdcs...



> "Craig Mason" <cmason at masontechnology.com> wrote:
>
> >I too am getting this. I'm working with Mark Andrews from the list to
> >resolve. I think I'm also going to call in Microsoft at some point to get
> >their take on this. Please keep the list informed on any progress.
> >
> >Thanks!
> >
> >Craig
> >
> >
> >
> >-----Original Message-----
> >From: news at news.gigabell.net [mailto:news at news.gigabell.net]On Behalf Of
> >Falko Mach
> >Sent: Thursday, February 24, 2000 3:45 AM
> >To: comp-protocols-dns-bind at moderators.isc.org
> >Subject: Reject of W2K gc._msdcs...
> >
> >
> >Whats wrong if I see this in my log ?
> >
> >default: warning: owner name "gc._msdcs.gtz.de" IN (primary) is invalid -
> >rejecting
> >
> >It seems, that all works fine.
> >
> >Tnx,
> >falko
> >
> >mailto:    falko.mach at gtz.de
>
> This topic was covered earlier this week and last week.  Mark Andrews,
> Sam Wilson, and Brian Miller  wrote about the RFCs - 952, 1183, and
> 2181.  There was also mention of the relevant MS Technet articles.
> Here is a summary.
>
> 952 says that the underscore character is illegal.  952 IS A STANDARD.
> 1183 (IIRC) says that an initial numeric character is now legal.
>      1183 IS A STANDARD.

	1123 you mean

> 2181 says that almost any character is legal.  2181 is NOT a standard;
>      it is standards-track.

	These RFCs are all consistant.  Hostnames are a *subset* of
	domainnames. RFC952 and RFC1123 are talking about hostnames,
	RFC1182 is talking about domainnames.

	The terms domainname and hostname are *not* interchangable.
	All hostnames are domainnames. All domainnames are not hostnames.
>
> Microsoft decided that it would follow 2181 and use an underscore in
> an "A" record.  BIND 8.2.2-p5 by default does not allow the underscore,
> but you can change the options parameters to allow it.

	or zone.

	I suspect the real reason why Microsoft choose _msdcs was so
	and to *not* collide with any legal hostname.  However they
	attempt to put a hostname (gc._msdcs.example.com) within this
	zone (Catch 22).

	What Craig and I were doing was verifing that creating a seperate
	zone for _msdcs and not just using the parent zone would not break
	things (Craig was not necessarilly aware of what I was doing).
	This reduces the namespace that does not get checked however the
	lack of checking within _msdcs should not be a problem as only W2K
	boxes should care about what is in there and it is MS job to make
	sure that things don't break for themselves when they step outside
	of the RFCs.  This shouldn't break unless MS have stuffed up.

	e.g.
		zone "_msdcs.example.com" {
			type master;
			file "_msdcs.example.db";
			check-names ignore;
			allow-update { localnets; };
		};
>
> I had posted a query twice in the past months about this.  In my case,
> the name with the underscore was not in DNS as an entire string; it
> was split on two lines
>
>      $ORIGIN _msdcs.w2k.anl.gov.
>      gc      600     IN      A       130.202.224.143

	This is master file format.  These is nothing strange about that
	as BIND and being using it for years.
>
> The error message from BIND complained about the name
>
>      gc_msdcs.w2k.anl.gov

	You mean gc._msdcs.w2k.anl.gov
>
> and I could not locate that string in the zone.
> ----------------------------------------------------------------------
> Barry S. Finkel
> Electronics and Computing Technologies Division
> Argonne National Laboratory          Phone:    +1 (630) 252-7277
> 9700 South Cass Avenue               Facsimile:+1 (630) 252-9689
> Building 221, Room B236              Internet: BSFinkel at anl.gov
> Argonne, IL   60439-4844             IBMMAIL:  I1004994
>
>
>
--
Mark Andrews, Nominum Inc. / Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at nominum.com

More information about the bind-users mailing list