Change in behaviour regarding ndots and searchlist
dougb at dougbarton.us
Mon Sep 15 18:06:22 UTC 2014
On 9/15/14 7:04 AM, Lightner, Jeff wrote:
> While the final dot has been required within zone files to prevent unwanted appendages to records it has NOT been required by tools such as host and nslookup on either Windows or Linux/UNIX which routinely use "search" domains.
On Windows the behavior you're seeing has been the default for a long
time. (I spend a lot of time looking at BIND query logs helping
customers to debug wacky holes they've dug for themselves with Windows
Further, Windows has a "feature" usually referred to as "domain search
devolution" which means that if you have a domain name option (NOT a
search string) such as foo.example.com and <query>.foo.example.com
doesn't return an answer, it will also try for <query>.example.com and
So short names are awesome ... except where they're not. :) And even
more awesome in the Windows world when you have applications that can
ONLY work with short names, you can't even type a FQDN into the config.
More information about the bind-users