Need clue: Underscore zones and hostnames

Gregory Hicks ghicks at cadence.com
Mon Dec 6 18:22:42 UTC 2004 

> From: "SilentRage" <bind-users at dollardns.net>
> To: "\"nathan r. hruby\"" <bind-users at isc.org>
> Subject: Re: Need clue: Underscore zones and hostnames
> Date: Mon, 6 Dec 2004 13:07:18 -0500
> 
> It seems you're already informed on the issue.  Supposedly yeah, there are
> some resolvers that might choke on hostnames with characters that don't
> follow the standards for internet host names.  Most especially you shouldn't
> create mail domains or mail server domains with invalid characters, cause
> that's a whole new suite of applications that might choke.
> 
> The dns protocol places no restriction on 'name' content, which is why BIND
> supports it, and why it works just fine in practice.  For my service I allow
> clients to create hostnames with whatever characters they want.  If they
> want binary characters, go for it.  Limiting what they create limits
> creativity and proprietary usage.  If they manage to shoot themself in the
> foot, I'll hand them the gun, bullets, and all.  If they come to me asking
> why some of their clients can't visit their underscore site, I'll educate
> them.  :)

Given that I, and my cohorts, administer a 30,000 host domain (fairly
small by some standards but large enough), if I can educate my users
when they ask to have names created, then that reduces support costs
for me.  This is a Good Thing.

Yes, limiting what they "create" limits creativity and proprietary
usage.  But it also reduces my potential support costs.  Which is a
Good Thing.

Besides, if asked, the reason they want the underscore is because that
allows the names to show up as separate "words" in a web link.  A
'dash' does not do this "neat" formatting.

Regards,
Gregory hicks

> 
> Dave
> 
> ----- Original Message ----- 
> From: "nathan r. hruby" <nhruby at uga.edu>
> To: <bind-users at isc.org>
> Sent: Monday, December 06, 2004 12:36 PM
> Subject: Need clue: Underscore zones and hostnames
> 
> 
> > Hi,
> >
> > Can someone please thwack me with the requisite clue-by-four and point me
> > at the RFC that Yea's or Nea's the use of the underscore character in
> > host and/or zone names?  Google seems to not be helpful in finding a
> > definitive answer.  Perhaps there is none?
> >
> > Here's why I ask:
> > We current support Microsoft's Active Directory on our BIND nameservers,
> > with check-names disabled on the BIND8 machines, so we *have* zones with
> > underscore characters already working.
> >
> > Recently for some odd reason people have been requesting hostnames like
> > martha_stewart.jailhouse.uga.edu.  This "works" in as much as BIND doesn't
> > reject the name and does serve it (thanks to some legacy names :).  We
> > also know that it's not recommended per various RFC's so we've been
> > rejecting these updates and manually going back to the user to get them to
> > fix it.
> >
> > But since it works and we have zones that *depend* on this behavior, we're
> > wondering:
> > - Are we just missing an updated RFC that now allows this?
> > - Is an underscore allowed just for zones and still not for a host?
> > - Is this just an Microsoft-ism?
> > - Do we (or perhpas: should we) care enough to not let users shoot
> >    themselves in their feet?
> >
> > Note: I didn't setup the original AD-in-BIND infrastructure, and the
> > person who did is not here anymore.  The docs we have fail to mention the
> > underscore issue and we're presently looking at various DNS changes we
> > want to make, including our request interface that can "fix" these before
> > they get to the update stage, hence my desire to have a clue about it :)
> >
> > Thanks for any help anyone can give me.
> >
> > -n
> >
> > -- 
> > -------------------------------------------
> > nathan hruby <nhruby at uga.edu>
> > uga enterprise information technology services
> > production systems support
> > metaphysically wrinkle-free
> > -------------------------------------------
> >
> >
> >
> 
> 

-------------------------------------------------------------------
Gregory Hicks                        | Principal Systems Engineer
Cadence Design Systems               | Direct:   408.576.3609
555 River Oaks Pkwy M/S 6B1          | Fax:      408.894.3400
San Jose, CA 95134                   | Internet: ghicks at cadence.com

I am perfectly capable of learning from my mistakes.  I will surely
learn a great deal today.

"A democracy is a sheep and two wolves deciding on what to have for
lunch.  Freedom is a well armed sheep contesting the results of the
decision." - Benjamin Franklin

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton

More information about the bind-users mailing list