Bind 9: Wildcard-Bug ?
Mark Andrews
Mark_Andrews at isc.org
Mon Sep 1 04:30:13 UTC 2008
> Hi,
>
> I am using Bind 9.3.4 with RRs like
>
> $ORIGIN 000baea3d8f9b6c98eb33e73092e5342.al.domain.tld.
> * TXT "data"
>
> Requests and return values:
> 1) dig TXT test.000baea3d8f9b6c98eb33e73092e5342.al.domain.tld --> data = OK
> 2) dig TXT abc.test.000baea3d8f9b6c98eb33e73092e5342.al.domain.tld -->
> data = OK
> 3) dig TXT test.test.000baea3d8f9b6c98eb33e73092e5342.al.domain.tld -->
> NXDOMAIN ???
>
> Is there any reason why equal <sub>.<sub> requests [see (3)] result in a
> NXDOMAIN ?
>
> Additional information: if the RR "test.test" is explicitly contained in
> the zone the 3rd request correctly returns "data".
> Therefore I assume a wildcard bug in Bind 9 ? (I didn't try it with an
> earlier version).
>
> Thanks,
> Florian
You most probably have a flaw in your testing methodology.
As you have only shown a summary and not specifics like
the entire zone content and the actual responses I'm not
going to guess as to what you got wrong.
Below is a test sequence against BIND 9.3.4 using the
following test configuration. It gives the expected results.
I suggest that you test with such a minimal configuration.
Mark
named.conf:
options {
listen-on port 9000 { 127.0.0.1; };
pid-file none;
};
zone "example.net" {
type master;
file "example.net";
};
example.net:
@ 0 SOA . . 0 0 0 0 0
@ 0 NS .
*.000baea3d8f9b6c98eb33e73092e5342 TXT "data"
% dig test.test.000baea3d8f9b6c98eb33e73092e5342.example.net -p 9000 @127.0.0.1 txt
; <<>> DiG 9.3.4-P1 <<>> test.test.000baea3d8f9b6c98eb33e73092e5342.example.net -p 9000 @127.0.0.1 txt
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24986
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;test.test.000baea3d8f9b6c98eb33e73092e5342.example.net. IN TXT
;; ANSWER SECTION:
test.test.000baea3d8f9b6c98eb33e73092e5342.example.net. 0 IN TXT "data"
;; AUTHORITY SECTION:
example.net. 0 IN NS .
;; Query time: 3 msec
;; SERVER: 127.0.0.1#9000(127.0.0.1)
;; WHEN: Mon Sep 1 14:16:35 2008
;; MSG SIZE rcvd: 102
% dig \*.000baea3d8f9b6c98eb33e73092e5342.example.net -p 9000 @127.0.0.1 txt
; <<>> DiG 9.3.4-P1 <<>> *.000baea3d8f9b6c98eb33e73092e5342.example.net -p 9000 @127.0.0.1 txt
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12067
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;*.000baea3d8f9b6c98eb33e73092e5342.example.net. IN TXT
;; ANSWER SECTION:
*.000baea3d8f9b6c98eb33e73092e5342.example.net. 0 IN TXT "data"
;; AUTHORITY SECTION:
example.net. 0 IN NS .
;; Query time: 4 msec
;; SERVER: 127.0.0.1#9000(127.0.0.1)
;; WHEN: Mon Sep 1 14:17:35 2008
;; MSG SIZE rcvd: 94
% dig version.bind ch -p 9000 @127.0.0.1 txt
; <<>> DiG 9.3.4-P1 <<>> version.bind ch -p 9000 @127.0.0.1 txt
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57053
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;version.bind. CH TXT
;; ANSWER SECTION:
version.bind. 0 CH TXT "9.3.4"
;; AUTHORITY SECTION:
version.bind. 0 CH NS version.bind.
;; Query time: 7 msec
;; SERVER: 127.0.0.1#9000(127.0.0.1)
;; WHEN: Mon Sep 1 14:18:01 2008
;; MSG SIZE rcvd: 62
%
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list