why the new complaints about inherited owner?

Shane Kerr shane at time-travellers.org
Tue Nov 25 12:15:32 UTC 2014


Mark,

On Tue, 25 Nov 2014 22:51:11 +1100
Mark Andrews <marka at isc.org> wrote:
> In message <1DAC056D-B368-48D0-BC6A-4349AD86FB64 at netconsonance.com>,
> Jo Rhett writes:
> > Googling for information on this log message I can find only the
> > source cod= e changes. Why exactly is this bad?
> > 
> > ov 25 03:07:15 geode named[4173]: domain.include:2: record with
> > inherited o= wner (netconsonance.com) immediately after $ORIGIN
> > (netconsonance.com)
> > 
> > Zone file has the totally bog-standard SOA followed by NS records.
> > Like eve= ry record in which multiple RRs are done for the same
> > name, the NS entries = are inherited. This is not only
> > bog-standard, but it=92s still shown in the= latest BIND book from
> > O=92Reilly.  So if this is now Bad(tm) can we post s= omething
> > about why it is bad, and what the recommended practice is?
> 
> Because usually it is a error.  $ORIGIN sets "@" not the current
> owner name.

Is this something that came up because of user complaints or operator
suggestion?

I ask because it looks like BIND 9 being changed arbitrarily to be
"better" with the actual effect of causing operator confusion and
concern (as we see here). (Note that I don't follow bind9-users any
more so I could very well have missed a nice discussion about this!)
 
> $ORIGIN netconsonance.com
> 	SOA ...
> 	NS ...
> 
> $ORIGIN netconsonance.com
> @	SOA ...
> @	NS ...
> 
>  
> The owner of the SOA record depends on what lies before the $ORIGIN
> for the first group.

Does the message appear if there is actually something before $ORIGIN,
or does it happen all the time? The ideal case would only flag this as
a possible problem if it is a possible problem (meaning if something
actually comes before $ORIGIN). ;)
 
> For the second group the owner of the SOA record is the value of
> $ORIGIN.

Cheers,

--
Shane


More information about the bind-workers mailing list