Check zones with underscores in host names (A Records)

Haim [Howard] Roman roman at jct.ac.il
Tue Feb 12 11:11:55 UTC 2008 

We also have to allow underscores (good old Microsoft!).  Here is what
we have in our /etc/named.conf:


    options {
    ...

    #---------------------------------------------------------
    # turn off name checking.  We have too many host names with
    # underscores, plus all the MS AD records we get from others.
    # Anyway, while RFC 1123 forbade underscores, RFC 2181 allowed
    # it *& maybe other characters.  (roman 2007/12/05)

    check-names master ignore;
    check-names slave  ignore;

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Haim (Howard) Roman
Computer Center, Jerusalem College of Technology
roman at jct.ac.il
Phone: 052-8-592-599 (6022 from within Machon Lev)



-------- Original Message  --------
Subject: Check zones with underscores in host names (A Records)
From: Jack Tavares <j.tavares at F5.com>
To: bind-users at isc.org
Date: Tue Feb 12 2008 12:57:13 GMT+0200 (IST)
> Hello -
>  
> I use named-checkzone to check for zone validity.
>  
> However, named-checkzone will complain if there is an "_" in the domain label of an A Record.
>  
> I need to allow for underscores in A records, but I still want to check for other errors.
>  
> It seems to me that the only way to do that would be to parse the error/warning strings
> to separate errors that I want to ignore (underscores) and catch errors that I care about.
>  
> Is there any other way to do this?
>  
> Example, given this zone file
> $ORIGIN .
> $TTL 500        ; 8 minutes 20 seconds
> test.com                IN SOA  d62.test.net. hostmaster.d62.test.net. (
>                                 8          ; serial
>                                 10800      ; refresh (3 hours)
>                                 3600       ; retry (1 hour)
>                                 604800     ; expire (1 week)
>                                 60         ; minimum (1 minute)
>                                 )
>                         NS      d62.test.net.
> $ORIGIN test.com.
> under_score             A 1.2.3.4
>                                NS unknown.test.net.
>  
> calling named-checkzone thusly
>  
> named-checkzone test.com. db.test
> returns
> db.test:14: under_score.test.com: bad owner name (check-names)
> zone test.com/IN: under_score.test.com/NS 'unknown.test.net' (out of zone) has no addresses records (A or AAAA)
> zone test.com/IN: loaded serial 8
> OK
> with a return code of 0
>  
> Calling with
> named-checkzone -kfail test.com. db.test
> returns
> db.test:14: under_score.test.com: bad owner name (check-names)
> zone test.com/IN: loading from master file db.test failed: bad owner name (check-names)
> [root at d35:Active] namedb # echo $?
> 1
>
> It returns an error code of "1", but stops after the first error.
>  
> calling with
>  
> named-checkzone -kfail -ifull test.com. db.test
> also stops at the first error.
>  
> using
> named-checkzone -kwarn -ifull test.com . db.test
> gives
> db.test:14: under_score.test.com: bad owner name (check-names)
> zone test.com/IN: under_score.test.com/NS 'unknown.test.net' (out of zone) has no addresses records (A or AAAA)
> zone test.com/IN: loaded serial 8
> OK
>
> returns an error code of 0 (ok) but logs messages.
>  
> So, to do what I want to do,
> I have to basically ignore the return code and parse the output messages to see if something has
> gone wrong.
>  
> Am I missing an easier way to do this?
>  
> Thanks
>  
> --
> jack
>  
>  
>  
>
>
>

More information about the bind-users mailing list