How to validate SRV record?

Kevin Oberman kob6558 at gmail.com
Thu Aug 23 22:09:04 UTC 2012


On Thu, Aug 23, 2012 at 8:52 AM, Nikolay Shaplov <n at shaplov.ru> wrote:
> Hi!
>
> I am trying to write a validator for name field of SRV record, and I met
> several issues I cannot understand. Maybe you can help me with that.
>
> 0. Bind does not really validate name of SRV record:
>
> _te__st_._te--st!?.rrr!e

Looks valid to me. Why should it not be? The format, as you say, is
_Service._Protocol.Name and that can be reduced to Perl RE of:
_.+\.\_.+\..+
As far as I can see in the RFC, there are no
restrictions on what characters are used other than the underscores
and dots.
>
> is considered to be correct record. (BIND 9.7.3) So I can not use bind to get
> what is right and what is wrong.
>
> 1. RFC 2782 says that name field should have this format:
>
>  _Service._Proto.Name
>
> 1.1. Name as far as I get, should be validated as a common hostname. Am I
> right?
No. The hostname character rules are valid ONLY for hostnames. Jon
Postel wrote an RFC (I don't have the number handy) expressly stating
that only hostnames and not any other names were so encumbered.
Moreover, the RFC states:
"The symbolic name of the desired service, as defined in Assigned
Numbers [STD 2] or locally." What is done locally is up to whomever is
doing it and those using the SRV record. SRVs are not restricted to
registered services or protocols.

> 1.2. Service should be validated according to RFC 6335
RFC6335 is a BCP, not a standard and is stating IANA practice for
assigning and using names and numbers. It in no way restricts SRV
records.

> 1.3. What algorithm should be used to validate Proto? I can use the same as
> for Service, but are there any strict guide lines about that?

Protocols are normally things like tcp, udp, etc, but the RFC does not
appear to me to restrict them in any way. RFC6335 is a BCP, not a
standard and is stating IANA practice for assigning names and numbers.
It in no way restricts SRV records. It even states "This unique
symbolic name for a service may also be used for other purposes, such
as in DNS SRV records [RFC2782]." Not even "should".

It appears to me that you are reading things into RFCs that are simply
not there. That said, the example you provide is silly, but I believe
it is valid.
-- 
R. Kevin Oberman, Network Engineer
E-mail: kob6558 at gmail.com
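
An added example, not part of the original message or of BIND: a Python check of an SRV owner name that separates the structure discussed in the thread (`_Service._Proto.Name`, plus the general DNS length limits) from an optional stricter local policy (RFC 6335 service-name syntax and hostname-style labels for Name). The function names, the `strict` switch and all sample names except the one quoted in the thread are assumptions made for illustration; input is assumed to be presentation format without backslash escapes.

```python
import re

LDH = re.compile(r"[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?")  # hostname-style label

def rfc6335_service_ok(s):
    """RFC 6335 section 5.1 syntax for registered service names."""
    return (1 <= len(s) <= 15 and re.fullmatch(r"[A-Za-z0-9-]+", s) is not None
            and re.search(r"[A-Za-z]", s) is not None
            and s[0] != "-" and s[-1] != "-" and "--" not in s)

def check_srv_owner(owner, strict=False):
    """Return a list of problems; an empty list means the name is accepted."""
    name = owner[:-1] if owner.endswith(".") else owner
    labels = name.split(".")
    problems = []
    # DNS limits that apply to every name, whatever the record type.
    if len(name.encode()) > 253:
        problems.append("name longer than 253 octets")
    for lab in labels:
        if not 1 <= len(lab.encode()) <= 63:
            problems.append("label %r is empty or longer than 63 octets" % lab)
    # Structure from RFC 2782: _Service._Proto.Name
    if len(labels) < 3:
        problems.append("need at least _Service._Proto.Name")
        return problems
    for field, lab in (("Service", labels[0]), ("Proto", labels[1])):
        if not (lab.startswith("_") and len(lab) > 1):
            problems.append("%s label %r must be '_' plus at least one character"
                            % (field, lab))
    # Local policy only (an assumption of this example, not required by RFC 2782);
    # applied once the basic structure is sound.
    if strict and not problems:
        if not rfc6335_service_ok(labels[0][1:]):
            problems.append("Service %r does not match RFC 6335 syntax" % labels[0])
        for lab in labels[2:]:
            if not LDH.fullmatch(lab):
                problems.append("Name label %r is not a hostname (LDH) label" % lab)
    return problems

# Constructed sample inputs; the first is the name quoted in the thread.
SAMPLES = ["_te__st_._te--st!?.rrr!e", "_sip._tcp.example.com.",
           "sip.tcp.example.com", "_sip._tcp"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, check_srv_owner(s), check_srv_owner(s, strict=True))
```

With `strict=False` the name from the thread is accepted; with `strict=True` it is rejected on both the Service and the Name label, which is the difference between the RFC 2782 format and a locally chosen policy.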


