Re: Hostname Naming Compliance

2009-03-08 Thread Danny Mayer 
Kevin Darcy wrote:

 But, as far as I can tell, there's no *practical* reason to disallow
 underscores, other than the fact that it may trip the standards-checking
 code of some _other_ piece of software. So, piece of software A
 disallows underscores because it's worried about causing a problem for
 piece of software B, and piece of software B keeps the restriction
 because it's worried about about causing a problem for piece of software
 C, and piece of software C keeps the restriction because it's worried
 about causing a problem for piece of software A.
 

I had a case a year or two ago where a system had a host name with an
underscore in it and as a result it was unable to make a number of
connections. I don't remember the details any more but removing the
underscore solved the problem. It was running Windows which is why it
was allowed to get that hostname in the first place. It was easier for
me to point to the RFC's to get the sysadmins to change it than to
figure out what was causing it to trip up and fail. There are too many
failure paths.

Danny


___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Hostname Naming Compliance

2009-03-06 Thread Kevin Darcy 

Danny Mayer wrote:

Kevin Darcy wrote:

  

But, as far as I can tell, there's no *practical* reason to disallow
underscores, other than the fact that it may trip the standards-checking
code of some _other_ piece of software. So, piece of software A
disallows underscores because it's worried about causing a problem for
piece of software B, and piece of software B keeps the restriction
because it's worried about about causing a problem for piece of software
C, and piece of software C keeps the restriction because it's worried
about causing a problem for piece of software A.




I had a case a year or two ago where a system had a host name with an
underscore in it and as a result it was unable to make a number of
connections. I don't remember the details any more but removing the
underscore solved the problem. It was running Windows which is why it
was allowed to get that hostname in the first place. It was easier for
me to point to the RFC's to get the sysadmins to change it than to
figure out what was causing it to trip up and fail. There are too many
failure paths.
  


Yes, but by the same too many failure paths logic, we could never get 
rid of any obsolete restrictions ever. It's all very well to take the 
path of least resistance when the standards have a good reason for 
existing. But when that reason goes away, the standards should change 
and the implementation and operations should follow.


At a certain point, you have to say time to move on, we don't use 
crude teletypes any more, underscores really aren't inherently a 
problem; they're only an interoperability problem when talking to 
systems that cling slavishly to the relevant standard. Maybe a few 
things will break here and there in the transition, that's why there are 
things like patches and updates and pre-production testing. The end 
result of the change is more flexibility and interoperability.


A standard that just sits and rots because everyone is afraid to change 
it, is a standard that is not serving its purpose, and once you get too 
many of those, people start looking at whole new paradigms. Witness the 
obsolence of OSI and SNA and the ascendance of TCP/IP. Learn from 
history. People were attracted to TCP/IP because it was more dynamic and 
flexible than what preceded it. We're in danger of losing that.



- Kevin


___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Hostname Naming Compliance

2009-03-01 Thread Michael Milligan 
Kevin Darcy wrote:
 Mark Andrews wrote:
 W_h_e_r_e_ _i_s_ _t__h_e_
 _h_o_s_t_._n_a_m_e__ _i_n_
 _t_h_i___s_ ___l_i_n__e.
   
 The ironic thing is, I don't think that *aesthetically* I favor
 underscores any more than Mark does.
 
 But, to me, it's like a Free Speech thing -- I may disagree with what
 someone says (analogous to not liking their use of underscores in
 names), but at the same time vigorously defend their right to say it.
 
 Since there seems to be no practical problem with using underscores,
 only aesthetic differences, I think they should be allowed, even though
 I personally find them to be ugly.

I would like to see normalized UTF-8 work in DNS across the globe (as it
is/was working fine in several country TLDs) and avoid punycode for IDN,
but that ain't gonna happen.  That horse was beat dead in the IDN
meetings for fear of crashing buggy hardware/software/firmware and
having to update resolvers and rebuild applications built directly with
resolver libraries.  If that's FUD enough to kill UTF-8 in DNS, that's
enough to keep away underscores, right?  ;-)

(Don't answer that, unless you want to take the bait.)

Regards,
Mike

-- 
Michael Milligan   - mi...@acmeps.com

___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Hostname Naming Compliance

2009-02-25 Thread Peter Laws 

Jeff Lightner wrote:

And of course you can legitimately say it is a Standard even if it
isn't enforced by the software.   Your argument would be that people
implementing new servers or attempting to access the systems wouldn't be
able to do so because they wouldn't have added the exception to
Standard that your PHBs are requiring.


I've been telling folks that request _ in a name that they can no longer do 
that and change it to a -.  I tell them that it *works*, but it violates 
the standards.  No pushback yet.


--
Peter Laws / N5UWY
National Weather Center / Network Operations Center
University of Oklahoma Information Technology
pl...@ou.edu
---
Feedback? Contact my director, Craig Cochell, cra...@ou.edu. Thank you!
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Hostname Naming Compliance

2009-02-24 Thread John Wobus 

It's an excellent idea to make your systems handle such hostnames
without problems (e.g. not crashing) when they run across such a
name on the Internet.

It's unfriendly to propagate such hostnames when doing so impedes
others' ability to do something.

It's against your own interests to propagate such host names if it
impedes others from doing something you'd like them to be able
to do, such as visit your website and buy your stuff, or answer your
e-mail.

The amount of harm in a specific instance depends upon what the
app does and who is trying to use and what client software they use,
etc.  But in any case, whatever problem there could possibly be
is easily avoided by simply not using underscores.

If we all decide to allow underscores in hostnames, we give future app
writers and users the best shot at avoiding problems if we run the 
change

through the RFC process so they can easily look up what the rules are.
However, some folks do promote and make use of these sorts of
Internet improvements without bothering to do that.

John

On Feb 24, 2009, at 2:24 AM, David Ford wrote:


Here's a question.  Are we incapable of dealing with things like
underscores in hostnames?  Is there any significant harm in adapting?

-david

___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users



___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Hostname Naming Compliance

2009-02-24 Thread Mark Andrews 

In message 49a3a09a.2000...@blue-labs.org, David Ford writes:
 Here's a question.  Are we incapable of dealing with things like
 underscores in hostnames?  Is there any significant harm in adapting?

When does it stop?  What will be the next character you
just have to have?  At the moment you have 1 inter label
seperator and 1 intra label seperator.  That should be
enough for anyone.

Additionally underscore is used in names in the DNS to
keep those names out of the hostname namespace. 

Mark

 -david
 
 ___
 bind-users mailing list
 bind-users@lists.isc.org
 https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: mark_andr...@isc.org
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Hostname Naming Compliance

2009-02-23 Thread Evan Hunt 
On Mon, Feb 23, 2009 at 01:54:46PM -0500, Eric C. Davis wrote:
 I know the option to use this compliance checker is present, but I'm 
 curious to know if there are plans to make it mandatory to comply.  We 
 aren't using this feature now, but I would like to.  My problem is 
 politicking my way around the issue of breaking something that works.  
 If Bind were to say they were going to start forcing compliance with 
 this naming standard, then I simply have to say it's a standard that is 
 being enforced.  Shouldn't enforcement be applied across the board 
 anyway instead of at the operator's discretion?

I haven't heard anyone at ISC suggest this, but if I did, I'd argue
against it.  I don't think we have any wish to be the enforcers. :)
And anyway, if we put mandatory compliance into BIND, people who
wanted to break the rule would just hack it back out again.

--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Hostname Naming Compliance

2009-02-23 Thread Danny Thomas 

Eric C. Davis wrote:
 Are there plans for Bind to enforce hostname compliance according
 to RFC's or is this going to be left up to each DNS operator?

the question of benefit always arises when considering the
application of RFCs. It's probably better not enforcing things
just for the sake of complying to some RFC unless the
issue is known to cause problems.

For records not created through DDNS, it's better that your
dns administration mechanisms do this, plus they can enforce
more restrictive naming policies particular to your organization.
For the hack of it, I did implement something in our system
which would reject names not matching a regex. What's more the
regex could be specific to the sub-groups, so hostnames in the
SI group would have to begin si- It was never enabled
as there would have been some effort involved in cleaning up
the existing entries.

A document discussing hostnames written 7 years ago
 http://www.its.uq.edu.au/choosing-hostnames

One of the zones we secondary has very little sub-structure
and basically thousands of desktops were registering themselves
with DDNS. Several years ago when developing my dnswalk2 script,
it reported roughly a hundred bad names like
 137
 botany_ew (underscores were common)
 jb's\0329200  (spaces were common)

I just checked and the situation is no better. Probably quite a few
of these are machines not owned by the organization, though they
they could insist on a valid hstname for connection to their network.

Apart from zones we secondary, the only time we disable the check
is for the _msdcs part of AD. Specifically only the gc records
involve A records. I know it's not specified in the RFCs, but
a pragmatic approach would be to have an option reporting bad
hostnames ... except those A records matching ^gc\._msdcs\..
NB we always have AD a sub-zones, so it's easy to liberalize
hostname checking just for that part of dns space, but that's
not possible if the AD records exist in the main zone.

Danny

___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Hostname Naming Compliance

2009-02-23 Thread Michael Milligan 
Ah yes, the perennial rathole...

Eric C. Davis wrote:
 I know the option to use this compliance checker is present, but I'm
 curious to know if there are plans to make it mandatory to comply.  We

RFC 1123 has always been mandatory for Internet connected hosts.  Valid
characters for a hostname are very clearly defined in that ancient
document.  Enforcement (or lack there of) is another issue.  DNS is not
the right place to enforce it IMHO, it's a host-level thing, an
operating system thing.  Blame Apple and Microsoft (and others) for not
getting it right, most especially in regards to underscores.  Until they
change, we all are stuck with the mess.

Regards,
Mike

-- 
Michael Milligan   - mi...@acmeps.com
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users