ns1.greatdomains.com - DNS on the Wild ( and Wacky ) Frontier

Jim Reid jim at rfc1035.com
Fri Oct 13 15:11:52 UTC 2000

>>>>> "Ted" == Ted Rule <Ted_Rule at flextech.co.uk> writes:

    Ted> Since last posting a broken dig to the mailing list, I've
    Ted> been able to make some more complete decodes of their broken
    Ted> DNS "server" implementation, and potential issues which may
    Ted> arise with bind9 interoperability.

One small but important point. It's not "BIND9 interoperability"
that's the issue with greatdomains.com's name servers. It's
interoperability with the DNS wire protocol defined in numerous RFCs.
BIND9 is just more pernickety than other implementations about
adhering to the protocol specs.

You've presented plenty of evidence that greatdomains.com's name
servers are misbehaving badly: malformed packets, incorrect replies,
etc, etc. Well done. It's up to the implementers/administrators of
these broken name servers to correct those errors. It's their
problem. I'm sure their customers will let them know about it when
they become detached from the rest of the DNS. I wonder how other DNS
implementations cope with these broken name servers?

Now maybe BIND9 could/should have a config file option to ignore
protocol violations. But this is probably not a good idea. For
starters, it contradicts a major design goal of BIND9. And there would
be all sorts of intractable operational problems. Imagine the hassle
in DNS administration - not to mention code maintenance! - of coping
with a legacy of illegal packets and broken implementations that could
live on unfixed forever. And if this option existed, where would it
go? If it went in named.conf, tools like dig wouldn't see it and if it
went into resolv.conf, the addition of a previously unknown keyword
might break existing code.

Personally speaking, if greatdomains.com's name servers won't play by
the rules, they should be left to fester in their self-imposed mess.
It's disappointing that you appear to have had such a poor response
from their hostmaster. Sigh.

More information about the bind-workers mailing list