check-names fail
Jim Reid
jim at rfc1035.com
Mon Jan 15 20:35:10 UTC 2001
>>>>> "Bob" == Bob Vance <bobvance at alumni.caltech.edu> writes:
Bob> With
Bob> check-names master fail;
Bob> both 8.2.2-p5 and p7, simply reject an offending record and
Bob> continue to load the zone and answer non-authoritatively for
Bob> the rest of the names. 8.2.3T9B, however, rejects the entire
Bob> zone!! Which is the correct behavior?
It depends on your definition of "correct". RFC2181 says that a server
should not refuse to load a zone containing "labels that might not be
acceptable to some DNS client programs". So 8.2.2P[57] are probably
correct for following RFC2181. However it could be argued that the
check-names option you've selected means you've decided to override
that RFC. If that's the case, then the 8.2.2 versions are not
correct. The BIND8 documentation says that when the fail option is
chosen the offending records are logged and the data rejected. So
according to the documentation a zone containing illegal names should
still be loaded. That would indicate 8.2.3T9B is not correct.
The name checking behaviour of 8.2.3T9B and 8.2.2 should probably be
consistent, so it might be an idea to file a bug report.
More information about the bind-users
mailing list