Thanks to everyone that answered. I did not realize that "check-names" only checked things it considered "hostnames" and not all DNS names. I just reread the BIND manual and found:
check-names applies to the owner names of A, AAAA and MX records. It also applies to the domain names in the RDATA of NS, SOA, MX, and SRV records. It also applies to the RDATA of PTR records where the owner name indicated that it is a reverse lookup of a hostname (the owner name ends in IN-ADDR.ARPA, IP6.ARPA, or IP6.INT). I had always thought that it applied to all records. My apologies. I wonder if it always made that distinction? -- Bob Harold hostmaster, UMnet, ITcom Information and Technology Services (ITS) University of Michigan On Thu, May 29, 2014 at 1:34 PM, Jim Reid <[email protected]> wrote: > On 29 May 2014, at 18:20, Bob Harold <[email protected]> wrote: > > > If I (reluctantly) accept that DNS names that are not hostnames can have > > underscores in them, why does BIND not have an option to allow that, > while > > still rejecting invalid hostnames? Or have I missed something? > > I think you have missed something. > > BIND does allow domain names with underscores in them. In fact SRV records > use underscores so that names with those _service._proto labels can't be > confused with hostnames. > > BIND9 has a check-names hook to ignore, warn and fail RRs that should > comply with hostname syntax but don't. It's been there for years. > >
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
