Re: Underscores in host names
Hmm, they've always teached to me that . (dot) at the end of hostnames indicates the (hidden) Root domain: blah.domain.com.[Root] And my teachers always said that we don't need to write the final . because every domain belongs to the Root domain. As for DNS servers for the Root domain, they are the reason for putting that "hint" files into our /var/named directory, "non"? Regards, Marlon Borba, CISSP Abraços, Marlon Borba, CISSP. "Por que 100? Bastaria um se eu estivesse errado!" --Albert Einstein, sobre o livro dos nazistas "100 cientistas contra Einstein".
"Peter & Karin Dambier" <peter@peter-dambier.de> 05/19/05 9:00 AM >>> [...] Because programmes like check_soa from the O'Reilly book "DNS and BIND" or sendmail believe it makes sense to force a dot at the end of every name they look up.
There are nameservers in the root zone file that DNS will not find. /etc/hosts is the only way to get them. Dont forget to have both names with and without dot.
At 12:01 -0300 5/19/05, MARLON BORBA wrote:
Hmm, they've always teached to me that . (dot) at the end of hostnames indicates the (hidden) Root domain:
blah.domain.com.[Root]
And my teachers always said that we don't need to write the final . because every domain belongs to the Root domain.
This thread needs to consider the layering of applications. E.g., Applications: Mail, Web, things using gethostbyname (host names, etc.) -------------------------------------------------------- Infrastructure: DNS, etc, (such as X.500) (domain names) Apps deal with host names, DNS deals with domain names. To the DNS, host names are a subset of domain names. To applications, domain names per DNS are "behind that interface." Apps deal with host names and other names, all of which, if running over DNS, are mapped into domain names. Referring to the above text, yes, a full qualified domain name ends in a "dot." Whenever talking to or among DNS elements, the "dot" terminates the FQDN. It must syntactically - a zero length label is the "null termination" of the domain name. Applications passing domain names to the DNS (not strings of domain names) must have this terminating null. However, this does not mean that the applications have to make the user or GUI require the null, as that interface is likely to be dealing with a string version of the name. Some DNS applications, such as dig, don't require a dot at the end of the name - if one is missing, the dot is appended. The user is alleviated of the burden of adding the dot - but on the other hand - the dot is forced upon the user. Some applications, being agnostic, won't add anything to the user's input. (This is true for non-DNS applications too.) This gives the knowledgeable user more power - unique things can be done. But it means that novices have more to learn. Some applications assume the user is lazy and adds the dot in all instances. Knowledgeable users get burned because now here are two terminating dots at times - until these users remember to "fall back" to not terminating domain names. I've seen all three kinds of applications. The latter ones tend to be the quick and dirty prototypes that don't see the light of day. The moral is that applications are choosing when to add the terminating dot. It's always there in DNS, but people don't access the DNS without going through an application. As far as whether an "_" is "legal" in a host name, you can attack the question in many ways. When cast into a domain name, "_" is legal. DNS assigns no special meaning to that character in domain names. Not even in the SRV record - if one reads the document carefully, there is no special meaning assigned by DNS, only a convention proffered that uses the "_". The convention is a function of the applications using the SRV, not the manipulation of the SRV within the DNS. When cast into a host name, "_" is not among the legal characters specified in the ancient documents. But documents are just documents - arguing over what's legal according to them is about as useful as watching haircuts. (Unless you are on a software design & implementation team.) When thrown into applications, "_" may or may not have a special meaning. Some applications will raise exception to "_". The more interesting question is why? Is this simply because of the ancient documents' restrictions? Is there some parsing consideration? Is there a special semantic inferred? It really isn't important whether the character is "legal" or not (until there is a network police force). What is more important is whether the character will work in all environments in which the name is needed. Will the "_" work in DNS domain names? Yes, unless there is a but in the DNS implementation (always a caveat). Will the "_" work in a host name? Only if the applications in use, referring to the host, can handle such a name. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar If you knew what I was thinking, you'd understand what I was saying.
On Thu, May 19, 2005 at 12:01:54PM -0300, MARLON BORBA wrote:
Hmm, they've always teached to me that . (dot) at the end of hostnames indicates the (hidden) Root domain:
blah.domain.com.[Root]
This much is true.
And my teachers always said that we don't need to write the final . because every domain belongs to the Root domain.
This, not so much. Well, kinda. Specifically, as I think was noted earlier on the thread in passing, as well, that trailing dot is a hint *to your local name resolver* that says "do not attempt to apply any locally defined DNS search path to this name; look it up once, anchored to the DNS root[0], and if you get an NXDOMAIN, believe it". Semantically, that trailing dot, as it is presented to an application, *is not part of the domain name*. It's ephemeral; only existing on the machine where you type it in -- specifically, it does not get sent in queries (SFIAK), even if you typed it in. So, no, you *don't* need to write it, unless you as an application user are trying specifically to pin the name on the root... but it's invisible to the rest of the system, just as the names themselves are invisible to the TCP stack once you've looked them up and opened a stream. Cheers, -- jra -- Jay R. Ashworth jra@baylink.com Designer Baylink RFC 2100 Ashworth & Associates The Things I Think '87 e24 St Petersburg FL USA http://baylink.pitas.com +1 727 647 1274 If you can read this... thank a system administrator. Or two. --me
participants (3)
-
Edward Lewis
-
Jay R. Ashworth
-
MARLON BORBA