Re: Extra records in zone transfers

"D. J. Bernstein" <djb@cr.yp.to> Sun, 18 March 2001 13:58 UTC

Date: Sun, 18 Mar 2001 06:07:29 -0000
Message-ID: <20010318060729.2828.qmail@cr.yp.to>
From: "D. J. Bernstein" <djb@cr.yp.to>
To: namedroppers@ops.ietf.org
Subject: Re: Extra records in zone transfers
References: <20010317142817.24001.qmail@cr.yp.to> <200103172254.HAA03218@necom830.hpcl.titech.ac.jp>

Masataka Ohta writes:
> same name server may have different A records zone by zone.

That's the BIND 9 model, but it is _not_ consistent with RFC 1034.
Here's what the DNS specifications actually say:

   * DNS is divided into zones. Names are partitioned among zones. Each
     zone is authoritative for all records under its names. See RFC
     1034, section 4.1.

   * Zones may---and sometimes must---contain records for which they
     aren't authoritative, i.e., records from other zones. These records
     are supposed to be EXACT COPIES of the authoritative records. See
     RFC 1034, section 4.2.1, last paragraph on page 20.

I realize that people often make mistakes in copying records: look at
cs.princeton.edu, for example. Those people are violating the protocol.
They have no right to expect clients to preserve both sets of records.
Clients can and do assume the accuracy of any record set received from
any server authorized to provide that set.

> > My servers use a redesigned unified configuration-file format,
> Your server is wrongly implemented, then.

Don't be ridiculous. I'm not going to force my users to deal with that
horrendous format. If they want painful configuration, they can use the
BIND master-file format. That format is, by the way, neither stable nor
identical to the standard RFC 1034 master-file format, so you can't
justify it on interoperability grounds.

---Dan

P.S. One of my recent messages hasn't shown up on the list. Is Bush
censoring messages again, or is he simply incompetent? For previous
incidents see http://cr.yp.to/djbdns/namedroppers.html.
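
One way to check the "exact copies" requirement the message invokes (RFC 1034, section 4.2.1) against a parent zone's delegation and glue records, as an added example that is not part of this message nor of any software mentioned in the thread; the two zone listings are constructed, and the check assumes the child apex is supplied by the caller:

```python
# Check that the out-of-zone copies a parent zone carries (delegation NS set
# and glue A records) are EXACT copies of the child zone's authoritative data,
# as RFC 1034 section 4.2.1 requires. Added example; zone data is constructed.
from collections import defaultdict

# Constructed parent zone: example.net. delegates sub.example.net. and holds
# copies of the child's NS set plus glue A records for its name servers.
PARENT_ZONE = """
example.net.          NS  ns.example.net.
sub.example.net.      NS  ns1.sub.example.net.
sub.example.net.      NS  ns2.sub.example.net.
ns1.sub.example.net.  A   192.0.2.1
ns2.sub.example.net.  A   192.0.2.2
"""
# Constructed child zone, authoritative for everything under sub.example.net.
# ns2 was renumbered here but the parent's glue was never updated.
CHILD_ZONE = """
sub.example.net.      NS  ns1.sub.example.net.
sub.example.net.      NS  ns2.sub.example.net.
ns1.sub.example.net.  A   192.0.2.1
ns2.sub.example.net.  A   192.0.2.22
"""

def parse_zone(text):
    """Parse a minimal 'owner TYPE rdata' listing into {(owner, type): set(rdata)}."""
    rrsets = defaultdict(set)
    for line in text.strip().splitlines():
        owner, rtype, rdata = line.split(None, 2)
        rrsets[(owner.lower(), rtype.upper())].add(rdata.strip().lower())
    return dict(rrsets)

def in_zone(owner, apex):
    """True if owner is the zone apex or lies below it."""
    return owner == apex or owner.endswith("." + apex)

def copy_mismatches(parent, child, child_apex):
    """RRsets the parent holds at or under child_apex are copies, not
    authoritative data, so each must equal the child's RRset exactly.
    Returns (owner, type, parent_rdata, child_rdata) per differing RRset."""
    problems = []
    for (owner, rtype), rdata in parent.items():
        if not in_zone(owner, child_apex):
            continue  # the parent's own data; it is authoritative for that
        authoritative = child.get((owner, rtype), set())
        if authoritative != rdata:
            problems.append((owner, rtype, sorted(rdata), sorted(authoritative)))
    return problems
```

Running `copy_mismatches(parse_zone(PARENT_ZONE), parse_zone(CHILD_ZONE), "sub.example.net.")` reports the stale ns2 glue; an empty list means every copy the parent holds matches the authoritative zone.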
