wildcard reverse lookups?
Edward Lewis
Ed.Lewis at neustar.biz
Thu Dec 21 03:59:02 UTC 2006
At 9:51 +1100 12/21/06, Mark Andrews wrote:
> There is a difference between what's legal in the DNS and
> what is legal in the layer above the DNS.
But worrying about what another layer might think is a "layer violation."
> gethostbyaddr() etc. should reject the answer as it is not
> a hostname (RFC 952). gethostbyname() etc. should also
> reject the hostname as it is invalid.
Just because these are wrong doesn't make it okay for BIND to be
wrong. ;) (If those two jumped off a bridge, would BIND jump too?)
> named flags it as a error because the upper layers will
> flag it as a error.
This is like the checknames in old BIND. If I would have my
druthers[1], BIND would only flag errors that are DNS (in layer)
errors. Any other error reporting weakens the other layers over
time, like what we saw in sitefinder when a lot of applications had
put a lot more semantics on a name error than they should have.
[1] http://en.wikipedia.org/wiki/Druthers, see the slogan explanation
at the end of the first paragraph.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-571-434-5468
NeuStar
Dessert - aka Service Pack 1 for lunch.
More information about the bind-users
mailing list