Date: Sun, 03 Aug 97 22:17:57 -0800 From: "Studded" <Studded@dal.net> To: "Karl Denninger" <karl@Mcs.Net> Cc: "freebsd-current@FreeBSD.ORG" <freebsd-current@FreeBSD.ORG>, "lists@tar.com" <lists@tar.com>, "Terry Lambert" <terry@lambert.org> Subject: Re: Moving to a more current BIND Message-ID: <199708040518.WAA29255@mail.san.rr.com>
next in thread | raw e-mail | index | archive | help
This is exactly the kind of debate I didn't want to get into, so I'll respond just this one time. On Sun, 3 Aug 1997 20:04:14 -0500, Karl Denninger wrote: >On Sun, Aug 03, 1997 at 04:58:42PM -0800, Studded wrote: >> On Sun, 3 Aug 1997 15:54:54 -0700 (MST), Terry Lambert wrote: >> >> >On the specific issue of the most recent "bind", I have a problem. >> > >> >Someone has stated that their new "bind" is complaining about my >> >use of an alias record as the name of my DNS server. >> >> This has always been an error, but BIND 8.1.1 is more vocal about >> it now. TMK BIND 4.9.6 does not exhibit any differences in relation to >> this from the BIND 4.9.4 we had in the tree. In any case, what you're >> doing will still work, and 8.1.1 allows you to send those error messages >> to /dev/null if you like. >> >> >This is a bogus thing for it to do, since it is imperitive that >> >you be able to use a DNS rotor for DNS services, if you have >> >equivalent servers for reasons of fault tolerance. >> >> Without going into too much detail that's better left for >> bind-users@vix.com, a dns rotary is certainly not "imperative," and BIND >> is actually pretty smart about sending its queries to the one of your name >> servers that is in the best network position to it. > >A CNAME can *only* point to an "A" record. This is not accurate. A CNAME record can refer to another CNAME record, although this is not related to this question. >Using CNAMEs in NS lines is in violation of the BIND rules and will break. It is a violation of the spec, but it will also work. Just for fun, I added an ns record for a cname. From an 8.1.1 system to another, and from a 4.9.6 system nslookup specifying the cnamed server worked fine. I don't use this feature myself, but I know others that do (with 8.1.1 systems) and it works. That doesn't mean it's a good idea. In the future compatability for this could end. For the details on why this is bad, see the BIND FAQ, /usr/src/contrib/bind/doc/misc/FAQ.2of2 Question 6.6. >Don't do it. If you do it, people using BIND 8.1.1 *CANNOT RESOLVE YOUR >DOMAIN*. That includes, among others, us. You might consider double-checking your setup. It *should* work, but that still doesn't mean it's a good idea. Doug The man who fears nothing, loves nothing.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708040518.WAA29255>