Re: Hostname Naming Compliance
Kevin Darcy wrote: But, as far as I can tell, there's no *practical* reason to disallow underscores, other than the fact that it may trip the standards-checking code of some _other_ piece of software. So, piece of software A disallows underscores because it's worried about causing a problem for piece of software B, and piece of software B keeps the restriction because it's worried about about causing a problem for piece of software C, and piece of software C keeps the restriction because it's worried about causing a problem for piece of software A. I had a case a year or two ago where a system had a host name with an underscore in it and as a result it was unable to make a number of connections. I don't remember the details any more but removing the underscore solved the problem. It was running Windows which is why it was allowed to get that hostname in the first place. It was easier for me to point to the RFC's to get the sysadmins to change it than to figure out what was causing it to trip up and fail. There are too many failure paths. Danny ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Hostname Naming Compliance
Danny Mayer wrote: Kevin Darcy wrote: But, as far as I can tell, there's no *practical* reason to disallow underscores, other than the fact that it may trip the standards-checking code of some _other_ piece of software. So, piece of software A disallows underscores because it's worried about causing a problem for piece of software B, and piece of software B keeps the restriction because it's worried about about causing a problem for piece of software C, and piece of software C keeps the restriction because it's worried about causing a problem for piece of software A. I had a case a year or two ago where a system had a host name with an underscore in it and as a result it was unable to make a number of connections. I don't remember the details any more but removing the underscore solved the problem. It was running Windows which is why it was allowed to get that hostname in the first place. It was easier for me to point to the RFC's to get the sysadmins to change it than to figure out what was causing it to trip up and fail. There are too many failure paths. Yes, but by the same too many failure paths logic, we could never get rid of any obsolete restrictions ever. It's all very well to take the path of least resistance when the standards have a good reason for existing. But when that reason goes away, the standards should change and the implementation and operations should follow. At a certain point, you have to say time to move on, we don't use crude teletypes any more, underscores really aren't inherently a problem; they're only an interoperability problem when talking to systems that cling slavishly to the relevant standard. Maybe a few things will break here and there in the transition, that's why there are things like patches and updates and pre-production testing. The end result of the change is more flexibility and interoperability. A standard that just sits and rots because everyone is afraid to change it, is a standard that is not serving its purpose, and once you get too many of those, people start looking at whole new paradigms. Witness the obsolence of OSI and SNA and the ascendance of TCP/IP. Learn from history. People were attracted to TCP/IP because it was more dynamic and flexible than what preceded it. We're in danger of losing that. - Kevin ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Hostname Naming Compliance
Kevin Darcy wrote: Mark Andrews wrote: W_h_e_r_e_ _i_s_ _t__h_e_ _h_o_s_t_._n_a_m_e__ _i_n_ _t_h_i___s_ ___l_i_n__e. The ironic thing is, I don't think that *aesthetically* I favor underscores any more than Mark does. But, to me, it's like a Free Speech thing -- I may disagree with what someone says (analogous to not liking their use of underscores in names), but at the same time vigorously defend their right to say it. Since there seems to be no practical problem with using underscores, only aesthetic differences, I think they should be allowed, even though I personally find them to be ugly. I would like to see normalized UTF-8 work in DNS across the globe (as it is/was working fine in several country TLDs) and avoid punycode for IDN, but that ain't gonna happen. That horse was beat dead in the IDN meetings for fear of crashing buggy hardware/software/firmware and having to update resolvers and rebuild applications built directly with resolver libraries. If that's FUD enough to kill UTF-8 in DNS, that's enough to keep away underscores, right? ;-) (Don't answer that, unless you want to take the bait.) Regards, Mike -- Michael Milligan - mi...@acmeps.com ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Hostname Naming Compliance
Jeff Lightner wrote: And of course you can legitimately say it is a Standard even if it isn't enforced by the software. Your argument would be that people implementing new servers or attempting to access the systems wouldn't be able to do so because they wouldn't have added the exception to Standard that your PHBs are requiring. I've been telling folks that request _ in a name that they can no longer do that and change it to a -. I tell them that it *works*, but it violates the standards. No pushback yet. -- Peter Laws / N5UWY National Weather Center / Network Operations Center University of Oklahoma Information Technology pl...@ou.edu --- Feedback? Contact my director, Craig Cochell, cra...@ou.edu. Thank you! ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Hostname Naming Compliance
It's an excellent idea to make your systems handle such hostnames without problems (e.g. not crashing) when they run across such a name on the Internet. It's unfriendly to propagate such hostnames when doing so impedes others' ability to do something. It's against your own interests to propagate such host names if it impedes others from doing something you'd like them to be able to do, such as visit your website and buy your stuff, or answer your e-mail. The amount of harm in a specific instance depends upon what the app does and who is trying to use and what client software they use, etc. But in any case, whatever problem there could possibly be is easily avoided by simply not using underscores. If we all decide to allow underscores in hostnames, we give future app writers and users the best shot at avoiding problems if we run the change through the RFC process so they can easily look up what the rules are. However, some folks do promote and make use of these sorts of Internet improvements without bothering to do that. John On Feb 24, 2009, at 2:24 AM, David Ford wrote: Here's a question. Are we incapable of dealing with things like underscores in hostnames? Is there any significant harm in adapting? -david ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Hostname Naming Compliance
In message 49a3a09a.2000...@blue-labs.org, David Ford writes: Here's a question. Are we incapable of dealing with things like underscores in hostnames? Is there any significant harm in adapting? When does it stop? What will be the next character you just have to have? At the moment you have 1 inter label seperator and 1 intra label seperator. That should be enough for anyone. Additionally underscore is used in names in the DNS to keep those names out of the hostname namespace. Mark -david ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: mark_andr...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Hostname Naming Compliance
On Mon, Feb 23, 2009 at 01:54:46PM -0500, Eric C. Davis wrote: I know the option to use this compliance checker is present, but I'm curious to know if there are plans to make it mandatory to comply. We aren't using this feature now, but I would like to. My problem is politicking my way around the issue of breaking something that works. If Bind were to say they were going to start forcing compliance with this naming standard, then I simply have to say it's a standard that is being enforced. Shouldn't enforcement be applied across the board anyway instead of at the operator's discretion? I haven't heard anyone at ISC suggest this, but if I did, I'd argue against it. I don't think we have any wish to be the enforcers. :) And anyway, if we put mandatory compliance into BIND, people who wanted to break the rule would just hack it back out again. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Hostname Naming Compliance
Eric C. Davis wrote: Are there plans for Bind to enforce hostname compliance according to RFC's or is this going to be left up to each DNS operator? the question of benefit always arises when considering the application of RFCs. It's probably better not enforcing things just for the sake of complying to some RFC unless the issue is known to cause problems. For records not created through DDNS, it's better that your dns administration mechanisms do this, plus they can enforce more restrictive naming policies particular to your organization. For the hack of it, I did implement something in our system which would reject names not matching a regex. What's more the regex could be specific to the sub-groups, so hostnames in the SI group would have to begin si- It was never enabled as there would have been some effort involved in cleaning up the existing entries. A document discussing hostnames written 7 years ago http://www.its.uq.edu.au/choosing-hostnames One of the zones we secondary has very little sub-structure and basically thousands of desktops were registering themselves with DDNS. Several years ago when developing my dnswalk2 script, it reported roughly a hundred bad names like 137 botany_ew (underscores were common) jb's\0329200 (spaces were common) I just checked and the situation is no better. Probably quite a few of these are machines not owned by the organization, though they they could insist on a valid hstname for connection to their network. Apart from zones we secondary, the only time we disable the check is for the _msdcs part of AD. Specifically only the gc records involve A records. I know it's not specified in the RFCs, but a pragmatic approach would be to have an option reporting bad hostnames ... except those A records matching ^gc\._msdcs\.. NB we always have AD a sub-zones, so it's easy to liberalize hostname checking just for that part of dns space, but that's not possible if the AD records exist in the main zone. Danny ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Hostname Naming Compliance
Ah yes, the perennial rathole... Eric C. Davis wrote: I know the option to use this compliance checker is present, but I'm curious to know if there are plans to make it mandatory to comply. We RFC 1123 has always been mandatory for Internet connected hosts. Valid characters for a hostname are very clearly defined in that ancient document. Enforcement (or lack there of) is another issue. DNS is not the right place to enforce it IMHO, it's a host-level thing, an operating system thing. Blame Apple and Microsoft (and others) for not getting it right, most especially in regards to underscores. Until they change, we all are stuck with the mess. Regards, Mike -- Michael Milligan - mi...@acmeps.com ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users