On Mon, Jul 07, 2008 at 02:25:31PM -0700, Ted Faber wrote:
On Mon, Jul 07, 2008 at 02:04:31PM -0700, Bill Manning wrote:
On Mon, Jul 07, 2008 at 01:44:28PM -0700, Ted Faber wrote:
On Mon, Jul 07, 2008 at 01:38:28PM -0700, Ted Faber wrote:
On Mon, Jul 07, 2008 at 01:32:10PM -0700,
moore(_at_)network-heretics(_dot_)com wrote:
also...
% dig version.bind txt chaos @128.9.160.161
;; ANSWER SECTION:
version.bind. 0S CHAOS TXT "9.4.2"
so - recent resolver code does this trick.
Fair enough. Perils of working for ISI, I suppose - modern
infrastructure.
Not to argue with someone who's forgotten more about DNS than I know,
but I was able to get it to work from zig.usc.edu as well. On zig (a
Linux box talking to an ambiguously identified "USC Bind 9x" server)
ping needed the trailing dot on hk. to work. And by "got it to work, I
mean "typed ping". I also had no trouble on a FreeBSD machine talking
to bind 9.3.3. It works at home, too, but that's also a 9.4.2 bind.
--
Ted Faber
http://www.isi.edu/~faber PGP: http://www.isi.edu/~faber/pubkeys.asc
Unexpected attachment on this mail? See http://www.isi.edu/~faber/FAQ.html#SIG
so... the point i was tryig to make was/is:
simple queries only help if you know:
) the version of software running on your caching server
and
) the search list defined by your "resolv.conf"
zig.usc.edu,
boreas.isi.edu,
luna-base.org,
ep.net,
lcs.mit.edu,
comcast.net,
all run slightly different caching code and variable search lists.
you, me, Ted, Keith, John, et.al. are going to see -slightly- different
responses when presenting our individual local caching servers with
non-terminated DNS strings.
Japp and Karl both hinted at this problem - local policy is the worst
policy,
except for all the others. Your local DNS admin can (and occasionally
they do)
toss you into a random walled-DNS garden that has only a passing
similarity to
what you think of as the "Internet".
http://www.icann.org/committees/security/sac032.pdf
is illustrative.
--
--bill
Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf