Allow Multiple-Cnames in BIND 9
Joseph S D Yao
jsdy at center.osis.gov
Fri Nov 30 18:35:44 UTC 2001
On Fri, Nov 30, 2001 at 12:11:06PM -0500, Justin M. Wilson wrote:
...
> Unfortunately reason doesn't work with this particular customer. I set up
> some demonstrations to try to prove to them to fix the error in their
> ways.
> I have attached the two examples that I have generated. You can also query
> these two test zones off of dca-ans-01.inet.qwest.net &
> svl-ans-01.inet.qwest.net which are both BIND 8.*.
> The attached zone proof.qwestip.net is the way I suggested this mystery
> company set things up. The attached zone proof2.qwestip.net is the way
> they have things setup right now.
> My solution works from some OS's but not from others. Any ideas that I can
> try to sell this company on?
>
> ----
> Justin M. Wilson
> justin at justin.net
> justin.wilson at qwest.com
>
>
> -- Attached file included as plaintext by Ecartis --
> -- File: proof.qwestip.net
> -- Desc: RFC Compliant Solution
...
Your solution is better, except that RFC 952 still prohibits single-
character names [but I think that's been ignored before]. I had to
stop and remember that RFC 1123 explicitly allows fully numeric host
names, and RFC 2181 points out that DNS RRs may actually have any
string as a label, although applications may restrict this (e.g. by
requiring that a label be a host name).
I don't know how to persuade the unpersuadable. You may tell them that
to do this, you will have to use an older version of the BIND code that
does not have all of the code improvements and security enhancements
that are in the current BIND 9.2.0. You might also mention that, as
other sites migrate to the newer, stronger, faster, more blessed
version, then they will start ignoring your site's records as illegal
[although they may not care, if I read between the lines correctly].
--
Joe Yao jsdy at center.osis.gov - Joseph S. D. Yao
OSIS Center Systems Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
More information about the bind-users
mailing list