DNS/FCP/BIND - moin.dnsq.info

DNS/FCP/BINDについて、ここに記述してください。

1. CHANGES

1037.   [bug]           Negative responses whose authority section contain
                        SOA or NS records whose owner names are not equal
                        equal to or parents of the query name should be
                        rejected. [RT #1862]

2. 別件

3282.   [bug]           Restrict the TTL of NS RRset to no more than that
                        of the old NS RRset when replacing it.
                        [RT #27792] [RT #27884]

 994.   [func]          Treat non-authoritative responses to queries for type
                        NS as referrals even if the NS records are in the
                        answer section, because BIND 8 servers incorrectly
                        send them that way.  This is necessary for DNSSEC
                        validation of the NS records of a secure zone to
                        succeed when the parent is a BIND 8 server. [RT #1706]

%dig -t txt b.sub.mufj.jp @ns1.worth-t.ne.jp    

b.sub.mufj.jp.          600     IN      TXT     "Your_cache_server_is_vulnerable."
    
%dig txt version.bind chaos @ns1.worth-t.ne.jp     

;; ANSWER SECTION:
VERSION.BIND.           0       CH      TXT     "BIND 8.3.3"

;; Query time: 6 msec
;; SERVER: 210.252.152.66#53(210.252.152.66)
;; WHEN: Tue Feb 26 11:49:57 JST 2019
;; MSG SIZE  rcvd: 76

MoinQ: DNS/FCP/BIND

1. CHANGES

2. 別件