Perhaps they need to set the ‘ndots’ option in
resolv.conf to trigger absolute queries if they find more than 1 dot,
so something like:
options ndots 2
would prevent a query to the .prod. TLD.
from ‘man resolv.conf’
ndots:n
sets a threshold for the number of dots which must
appear in a name given to res_query(3) (see resolver(3)) before an
initial absolute query will be made. The default for n is
1, meaning that if there are any dots in a name, the name
will be tried first as an absolute name before any search
list elements are appended to it. The value for this option
is silently capped to 15.
francisco
On Sep 11, 2014, at 9:07 AM, Paul Wouters <[email protected]> wrote:
>
> Hi,
>
> Guess the first people are now finding out that .prod went live. I heard
> from a large webhoster that their sysadmins use "db1.prod" for a
> shorthand of db1.prod.corp.com. They are now attempting to go to
> the 127.0.53.53 warning pit.
>
> I had never through of "prod" being a problem. but it might actualy be
> a pretty big one, along with "stag" if that is ever delegated.
>
> Paul
> _______________________________________________
> dns-operations mailing list
> [email protected]
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
