How to validate SRV record?

Kevin Darcy kcd at chrysler.com
Thu Aug 23 22:46:46 UTC 2012 

On 8/23/2012 6:09 PM, Kevin Oberman wrote:
> On Thu, Aug 23, 2012 at 8:52 AM, Nikolay Shaplov <n at shaplov.ru> wrote:
>> Hi!
>>
>> I am trying to write a validator for name field of SRV record, and I met
>> several issues I can not understand. May be you can help me with that.
>>
>> 0. Bind does not really validate name of SRV record:
>>
>> _te__st_._te--st!?.rrr!e
> Looks valid to me. Why should it not be? The format, as you say, is
> _Service._Protocol.Name and that can be reduced to Perl RE of:
> _.+\.\_.+\..+ As far as I can see on the RFC, there are no
> restrictions on what characters are used other then the underscores
> and dots.
>> is considered to be correct record. (BIND 9.7.3) So I can not use bind to get
>> what is right and what is wrong.
>>
>> 1. RFC 2782 says that name field should have this format:
>>
>>   _Service._Proto.Name
>>
>> 1.1. Name as far as I get, should be validated as a common hostname. Am I
>> right?
> No. The hostname character rules are valid ONLY for hostnames. Jon
> Postel wrote and RFC (I don't have the number handy) expressly stating
> that only hostnames and not any other names were so encumbered.
> Moreover, the RFC states:
> The symbolic name of the desired service, as defined in Assigned
> Numbers [STD 2] or locally. What is done locally is up to whomever is
> doing it and those using hte SRV record. SRVs are not restricted to
> registered services or protocols.
>
>> 1.2. Service should be validated according to RFC 6335
> RFC6335 is a BCP, not a standard and is stating IANA practice for
> assigning  and using names and numbers. It in no way restricts SRV
> records.
>
>> 1.3. What algorithm should be used to validate Proto? I can use the same as
>> for Service, but are there any strict guide lines about that?
> Protocols are normally things like tcp, udp, etc, but the RFC does not
> appear to me to restrict them in any way. RFC6335 is a BCP, not a
> standard and is stating IANA practice for assigning names and numbers.
> It in no way restricts SRV records. It even it states "This unique
> symbolic name for a service may also be used for other purposes, such
> as in DNS SRV records [RFC2782]." Not even "should".
RFC 6335:

5.2. Service Name Usage in DNS SRV Records The DNS SRV specification 
[RFC2782] states that the Service Label part of the owner name of a DNS 
SRV record includes a "Service" element, described as "the symbolic name 
of the desired service", but as discussed above, it is not clear 
precisely what this means. This document clarifies that the Service 
Label MUST be a service name as defined herein with an underscore 
prepended. The service name SHOULD be registered with IANA and recorded 
in the Service Name and Transport Protocol Port Number registry [PORTREG].

- Kevin

More information about the bind-users mailing list