[318] in Hesiod
Re: BIND 4.9.4 and Hesiod: No Go?
daemon@ATHENA.MIT.EDU (Randall S. Winchester)
Fri Jul 26 17:05:36 1996
Date: Fri, 26 Jul 1996 17:03:49 -0400 (EDT)
From: "Randall S. Winchester" <rsw@Glue.umd.edu>
To: "Derrick J. Brashear" <shadow@DEMENTIA.ORG>
Cc: Mike Busby <mcb@mach.eng.hou.compaq.com>, hesiod@MIT.EDU
In-Reply-To: <ML-1.3.2.838406235.113.shadow@johnstown.andrew.cmu.edu>
The actual message was this;
> On Tue, 21 May 1996, Randall S. Winchester wrote:
>
> : I (not surprisingly I guess) had similar problems with Hesiod records
> : on a cache only server with BIND-4.9.4-T1A as I did with p2c4.
> : I had similar problems even when I told named to ignore check-names.
> :
> : Randall
> :
> : [ for now, hesiod sites will probably have to say "check-names primary
> : ignore". --vix ]
> :
There was another problem I was refering to in that message which is of
note. In the previous BIND releases hesiod would work fine getting its root
information from the hints. The hints are like these lines lines in the
named.root/named.ca file
;
; Root HS Servers
;
. 99999999 HS NS EGYPT.ENG.UMD.EDU.
EGYPT.ENG.UMD.EDU. 99999999 HS A 129.2.90.2
. 99999999 HS NS OLMEC.UMD.EDU.
OLMEC.UMD.EDU. 99999999 HS A 129.2.70.82
. 99999999 HS NS BABYLON.UMD.EDU.
BABYLON.UMD.EDU. 99999999 HS A 128.8.10.57
;
; IN records for HS servers
; Required for some implementations of gethostbyname using C_ANY/T_A
queries.
;
EGYPT.ENG.UMD.EDU. 99999999 IN A 129.2.90.2
OLMEC.UMD.EDU. 99999999 IN A 129.2.70.82
BABYLON.UMD.EDU. 99999999 IN A 128.8.10.57
;
This is no longer sufficient, and you must construct proper hesiod root
servers if you want to use BIND-4.9.4, as the hints section is no longer
trusted.
Now only if this had been well documented, but since there are so few root
nameservers ......
Randall
On Fri, 26 Jul 1996, Derrick J. Brashear wrote:
: >
: > We are concerned with the fact that BIND 4.9.4, in order to conform
: > to the RFCs, will disallow certain characters to be used in keys.
: >
: > This has major implications for Hesiod as regular expressions, slashes,
: > etc. can be used in DNS keys in amd automounter maps and other
: > applications.
: >
: > What steps are being taken at other sites to address this?
:
: This issue was raised on the bind-workers mailing list, and the answer as I
: recall was that these limitations applied only to A records (and presumably
: AAAA records, but I don't remember). Since presumably you export only TXT (and
: possibly CNAME) records, it should not be a problem.
:
: I can go hunt for mail if anyone cares.
:
: -D
:
:
