Hello,
It was brought to my attention earlier today that a zone file
correctly loaded into a customer's BIND nameserver and transferred
to BitFolk's servers was not being served correctly by two of the
servers.
On further investigation it seems that there's some bug in PowerDNS
regarding DNS names (the bit on the left hand side) with "\032" in them.
Last year I fixed a bug in the sqlite backend of PowerDNS regarding
incorrect escaping of "\", which had prevented "\032" and anything
else with "\" in it being stored correctly as DNS content (the right
hand side). I'm not yet sure if this is related or more fundamental.
I've reported the bug.
At the moment the impact is that if you have a DNS zone with
something like this in it:
foo\032bar._http._tcp SRV 0 0 10
baz.example.com.
then it will get stored in
b.authns.bitfolk.com and
c.authns.bitfolk.com as:
foo bar._http._tcp SRV 0 0 10
baz.example.com.
This is incorrect. BIND servers taking the same AXFR would store
"foo\032bar._http._tcp". Anything correctly querying for
"foo\032bar._http._tcp" will not get answers from the affected
servers.
Therefore for the moment if you have zones that use these types of
record on the left hand side, you should not delegate them to
{b,c}.authns.bitfolk.com.
"\032" on the right hand side is okay.
If you use PowerDNS yourselves I'd be interested to know if you can
replicate this with backends other than gsqlite (e.g. gmysql or
gpsql), as this would indicate whether it's a problem with the
gsqlite backend or something else.
FWIW this type of DNS name seems to be used for DNS-based service
discovery:
http://www.dns-sd.org/
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce