Bad owner name on hidden primary

Mark Andrews marka at isc.org
Tue Jun 10 04:05:11 UTC 2014 

In message <CFBB81AD.184ED%ray.walker at nau.edu>, Raymond Drew Walker writes:
>
> Apologies,
>
> Our workaround was actually the addition of 2 lines:
>
>        check-names master ignore;
>        check-names response ignore;

"check-names master ignore;" or "check-names ignore;" at the zone
level, is all that is required to have updates that would be block
by check-names accepted and returned.  "check-names response ignore;"
is the default and has been in all release of BIND back to the
initial release where check-names was added in BIND 8.

I suspect you were running a very out of date version of named on
the old master (pre-9.5.0).

The correct fix is to stop using non-compliant names.

Mark

> Without the second `response' clause, the update does not error, but does
> not get applied to the record.
> -
> Raymond Walker
> Software Systems Engineer StSp.
> ITS - Northern Arizona University
>
> From: Ray Walker <ray.walker at nau.edu<mailto:ray.walker at nau.edu>>
> Date: Monday, June 9, 2014 at 3:18 PM
> To: "bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>"
> <bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>>
> Subject: Re: Bad owner name on hidden primary
>
> Our current workaround is to add the following to NAMED configuration:
>
>   check-names master ignore;
>
> Is there a more preferred solution?
>
> ...
> or perhaps a different way of looking at this issue?
> -
> Raymond Walker
> Software Systems Engineer StSp.
> ITS - Northern Arizona University
>
> From: Ray Walker <ray.walker at nau.edu<mailto:ray.walker at nau.edu>>
> Date: Monday, June 9, 2014 at 11:47 AM
> To: "bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>"
> <bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>>
> Subject: Bad owner name on hidden primary
>
> Running BIND 9.9.5:
>
> On moving to a hidden primary setup, dynamic updates to zones we are
> master for with "unallowed characters" (underscores in our case) have
> started to fail with the error "bad owner name (check-names)" In the past
> (pre hidden primary) they did not fail.
>
> In the past we have not used the `check-names' option, so behavior should
> be default...
>  odd since the default behavior is to fail for master zones.
>
> Could this have something to do with the SOA of the zone no longer being
> the actual primary?
> -
> Raymond Walker
> Software Systems Engineer StSp.
> ITS - Northern Arizona University
>

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list