MS DNS creating invalid records rejected by Bind check-names? - swinog

30 Aug 2012


      Hello World!
We have a strange problem with a customer for which we provide secondary DNS 
services.
He uses a Microsoft DNS Server.
According to the RFC I found, the underscore character is only valid in SRV 
Records. In any other records, this is an invalid character.
Our Customers ADS Server keeps autocreating one records like this:
gc._msdcs.web.EXAMPLE.COM 1800 IN A 192.0.2.44
Bind refuses to accept zone transfers from his server and eventualy the zone 
expires on the secondary.
Then the customer deletes the RR, the transfer is successfull, but shortly 
afterwards the mentioned A record with underscore is re-created by the ADS and 
the problem is back.
Is this some kind of MS DNS bug, or have the DNS RFCs been updated recently to 
also allow underscores in other RR and some non bleading edge versions of bind 
still use the check from previous rfc?
Benoit Panizzon
-- 
I m p r o W a r e   A G    -    
______________________________________________________

Zurlindenstrasse 29             Tel  +41 61 826 93 07
CH-4133 Pratteln                Fax  +41 61 826 93 02
Schweiz                         Web  http://www.imp.ch
______________________________________________________