[NANOG] Re: Reasons why BIND isn't being upgraded

Is there any particular harm from accepting this syntax. It wouldn't be
the first time a RFC has been updated to match working code.

> > (1) 8.2.3 Doesn't accept the "(" in the SOA string to be on the
> > next line after the IN SOA. Our script-generated zonefiles, about
> > 45000 of them, all had this.
> Neither do the relevant RFC's, or any other DNS implementation.
> Pre-8.2.3 was simply _wrong_ to accept that syntax.

Is there any particular harm from accepting this syntax.

No and Yes. No in that an argument could be made that the old parsing
routine fell under the "be liberal in what you accept" rules. Yes in that
the Master File Format is intended to provide an interchangable database
table, so while BIND may have been liberal it was doing so at the expense
of some interoperability measures.

The real culprit in this story is the script-generator. It should have
been cranking out standard-compliant zone files from day one.

RFC 1122 s1.2.2 may not apply directly to configuration files, but the
spirit is good. The bracket acceptance would be classed as a
fault-tolerance feature, if BIND had a marketing department and glossy
brochures :slight_smile:

I can understand the annoyance felt by a large hosting provider updating
BIND in an emergency and finding more than just a security fix. Pim is, I
guess, concerned that similar updates in future may have longer MTTR
impact. Pete Elke's point about preproduction testing could perhaps be
turned from a combative tone to the constructive without loss of


Absolutely. The guilty party for that script has long left the
organization. This is real world, where people have to deal with other
people's messes :).