North American Network Operators Group

Re: UDP packet/DNS server
But it's perfectly ok for PTR records, though perhaps your example is less than ideal.

The objection to the use of "*" was specific to NS records. An NS record should exist for a domain only if that domain exists. Since "*" matches any subdomain whether the domain exists or not, an NS record will be returned for non-existent subdomains and that violates the rule. Some records of other types are incompatible with "*" for similar reasons.

The major point here is that any DNS record should reference either a valid response or another record that will lead to a response, and an NS record pointing to a zone file that doesn't exist is neither.

Some folks will contend that the use of "*" in PTR records is bad form even though it is legal. That's a religious war, not a technical one. (I happen to like the use of "*", though I also believe that one should first apply specific host names whenever a static mapping allows).

On Monday, 28 Sep 1998 at 21:02 EDT, Eric Germann wrote:

>
>you have to admit, it does save one hell of a lot of typing for the 1918
>IN-ADDR.ARPA delegations.
>
>rfc1918.db
>----------
>
>@ IN SOA ns1.xxx.net. hostmaster.xxx.net. (
>        1997101001 ; serial
>        300        ; refresh
>        300        ; retry
>        604800     ; expire
>        600)       ; minimum
>
>        IN NS ns1.xxx.net.
>        IN NS ns2.xxx.net.
>
>
>* IN PTR rfc1918.xxx.net.
>-----------
>
>then in named.bt
>
>primary 16.172.in-addr.arpa RFC1918.DB
>primary 17.172.in-addr.arpa RFC1918.DB
>primary 18.172.in-addr.arpa RFC1918.DB
>primary 19.172.in-addr.arpa RFC1918.DB
>primary 20.172.in-addr.arpa RFC1918.DB
>primary 21.172.in-addr.arpa RFC1918.DB
>primary 22.172.in-addr.arpa RFC1918.DB
>primary 23.172.in-addr.arpa RFC1918.DB
>primary 24.172.in-addr.arpa RFC1918.DB
>primary 25.172.in-addr.arpa RFC1918.DB
>primary 26.172.in-addr.arpa RFC1918.DB
>primary 27.172.in-addr.arpa RFC1918.DB
>primary 28.172.in-addr.arpa RFC1918.DB
>primary 29.172.in-addr.arpa RFC1918.DB
>primary 30.172.in-addr.arpa RFC1918.DB
>primary 31.172.in-addr.arpa RFC1918.DB
>
>repeat for 10.x.x.x and 192.168 space
>
>To reiterate the question posed by the original poster, (donning asbestos),
>why is this bad?
>
>Eric
>
>
>At 08:31 AM 9/28/98 -0500, you wrote:
>>Tatsuya Kawasaki wrote:
>>>xyz.com. IN NS that.host
>>>*.xyz.com In NS that.host
>>
>>Gah!!
>>
>>Illegal!
>>
>>Never use "*" in DNS! Just makes /bad things/ happen.
>>
>>@ IN SOA xyz.com. hostmaster.xyz.com. (
>>        1998092801 3600 1800 3600000 7200)
>>
>>        ns ns1.xyz.com.
>>        ns ns2.xyz.com.
>>
>>        mx 0 mail.xyz.com.
>>
>>mail    a 1.2.3.4
>>        mx 0 mail
>>
>>. etc ..
>>
>>--
>>jamie rishaw (efnet:gavroche)          American Information Systems, Inc.
>>                                       Tel:312.425.7140, FAX:312.425.7240
>>  Help stop spam! router(config)#no ip routing
>>  thirty thousand feet above the earth..youre a beautiful thing..
>>
>
>==========================================================================
>  Eric Germann                          CCTec
>  [email protected]                     Van Wert, OH 45891
>  http://www.cctec.com                  Ph:  419 968 2640
>                                        Fax: 419 968 2641
>  Network Design, Connectivity & System Integration Services
>  A Microsoft Solution Provider
>
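
Added example, not part of the original thread or any poster's code: a small Python model of the wildcard behaviour the reply describes, showing a "*" NS record answering for a subdomain that does not exist while a "*" PTR record in a reverse zone does no comparable harm, plus a lint check for wildcard NS owners. The record lists, the names FORWARD, REVERSE, existing_names, lookup and lint_wildcards, and the trailing-dot spellings are assumptions made for illustration; delegation and CNAME handling are left out.

```python
# Added illustration. All records are constructed, modelled on the thread's
# examples; this is not a full resolver (no delegation or CNAME handling).
FORWARD = [  # the xyz.com zone with the disputed wildcard NS
    ("xyz.com.", "NS", "that.host."),
    ("*.xyz.com.", "NS", "that.host."),
    ("mail.xyz.com.", "A", "1.2.3.4"),
]
REVERSE = [  # one of the RFC 1918 reverse zones with a wildcard PTR
    ("16.172.in-addr.arpa.", "NS", "ns1.xxx.net."),
    ("*.16.172.in-addr.arpa.", "PTR", "rfc1918.xxx.net."),
]


def existing_names(records):
    """Owner names plus all their ancestors; these names 'exist' in the zone."""
    names = set()
    for owner, _, _ in records:
        labels = owner.lower().rstrip(".").split(".")
        for i in range(len(labels)):
            names.add(".".join(labels[i:]) + ".")
    return names


def lookup(records, qname, qtype):
    """Return (rdata_list, synthesized): exact names win, else the wildcard
    directly below the closest existing ancestor answers."""
    qname = qname.lower()
    names = existing_names(records)
    if qname in names:
        return [r for o, t, r in records if o.lower() == qname and t == qtype], False
    labels = qname.rstrip(".").split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:]) + "."
        if encloser in names:
            wild = "*." + encloser
            return [r for o, t, r in records if o.lower() == wild and t == qtype], True
    return [], False


def lint_wildcards(records, banned=("NS",)):
    """Flag wildcard owners carrying record types that assert a zone exists."""
    return [(o, t, r) for o, t, r in records if o.startswith("*.") and t in banned]


if __name__ == "__main__":
    print(lookup(FORWARD, "no-such-zone.xyz.com.", "NS"))
    print(lookup(REVERSE, "5.1.16.172.in-addr.arpa.", "PTR"))
    print(lint_wildcards(FORWARD), lint_wildcards(REVERSE))
```
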