
Summary

I am attempting to set up Wide-Area Bonjour (aka DNS-SD) using ISC Bind 9.9.5, but cannot load reverse lookup zones providing discovery of "rich-text" service domains.

Background

According to Discovery of Browsing and Registration Domains (Domain Enumeration):

Five special RR names are reserved for this purpose:

      b._dns-sd._udp.<domain>.
     db._dns-sd._udp.<domain>.
      r._dns-sd._udp.<domain>.
     dr._dns-sd._udp.<domain>.
     lb._dns-sd._udp.<domain>.

By performing PTR queries for these names, a client can learn, respectively:

  • A list of domains recommended for browsing.
  • A single recommended default domain for browsing.
  • A list of domains recommended for registering services using Dynamic Update.
  • A single recommended default domain for registering services.
  • The "legacy browsing" or "automatic browsing" domain(s).
[ deletia ]

The <domain> part of the query name may also be derived a different way, from the host's IP address. The host takes its IP address and calculates the logical AND of that address and its subnet mask, to derive the 'base' address of the subnet (the 'network address' of that subnet, or, equivalently, the IP address of the 'all-zero' host address on that subnet). It then constructs the conventional DNS "reverse mapping" name corresponding to that base address, and uses that as the <domain> part of the name for the queries described above. For example, if a host has the address 192.168.12.34, with the subnet mask 255.255.0.0, then the 'base' address of the subnet is 192.168.0.0, and to discover the recommended automatic browsing domain(s) for devices on this subnet, the host issues a DNS PTR query for the name "lb._dns-sd._udp.0.0.168.192.in-addr.arpa."

Also, under Domain Names:

rich-text service subdomains are allowed and encouraged, for example:

 Building 2, 1st Floor  .  example  .  com  .
 Building 2, 2nd Floor  .  example  .  com  .
 Building 2, 3rd Floor  .  example  .  com  .
 Building 2, 4th Floor  .  example  .  com  .

Therefore one should expect to see in DNS RRs along the following lines:

lb._dns-sd._udp.0.0.168.192.in-addr.arpa.  PTR  Building\ 2\,\ 1st\ Floor.example.com.

Problem

Whilst I'm able to load other (e.g. forward-lookup) zones containing such PTR records, I find that within in-addr.arpa I receive the following error:

dns_rdata_fromtext: db.0.168.192.in-addr.arpa:26: near 'Building\ 2,\ 1st\ Floor.example.com.': bad name (check-names)

So, my questions:

  1. Why does this only happen within in-addr.arpa? Bind is obviously giving such zones special treatment—but why?

  2. How can I follow the recommendation to have "rich-text" service subdomains whilst enabling their discovery from the client's network address?

eggyal
  • I suspect you'll have to take this up with the maintainers of bind. – Michael Hampton Nov 24 '14 at 00:45
  • @MichaelHampton: Thanks, I have submitted a bug report. I'll leave the question here in case anyone has a clever workaround. – eggyal Nov 24 '14 at 00:58
  • I'd understand it if the DNS standards required that PTR records point at hostnames (which have more stringent requirements than DNS labels), but I'm fairly certain that is not the case. Also, side note, RFC6763 is a Proposed Standard from 2013. Not a whole lot of time for standards convergence yet, so mileage may vary. – Andrew B Nov 24 '14 at 04:37

1 Answer


Within named.conf, one can specify check-names ignore for the zone.

Presumably in-addr.arpa zones default to fail whereas forward-lookup zones do not.

eggyal
  • Both have check-names enabled by default but: [*check-names applies to the owner names of A, AAAA and MX records. It also applies to the domain names in the RDATA of NS, SOA, MX, and SRV records. It also applies to the RDATA of PTR records where the owner name indicated that it is a reverse lookup of a hostname (the owner name ends in IN-ADDR.ARPA, IP6.ARPA, or IP6.INT).*](http://ftp.isc.org/isc/bind9/cur/9.10/doc/arm/Bv9ARM.ch06.html#options) – Håkan Lindqvist Nov 24 '14 at 01:43
  • @HåkanLindqvist: Ah, I see. Thanks for that. Is it possible to disable check-names for a more specific subset than an entire zone, without subzoning? Obviously I'd rather leave it enabled for actual reverse lookups.. – eggyal Nov 24 '14 at 08:09
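
The last comment asks how to keep hostname checking for ordinary reverse lookups once the zone is set to check-names ignore. One way to do that outside BIND, as an added example that is not part of the original thread and not a BIND feature: a Python lint that applies an approximate hostname rule to PTR targets and exempts the five domain-enumeration owner names. The record shape it handles (one fully qualified PTR record per line), the function names and the sample zone are assumptions.

```python
import re

# Owner names reserved for DNS-SD domain enumeration (the five names quoted above).
DNSSD_ENUM = re.compile(r"^(?:b|db|r|dr|lb)\._dns-sd\._udp\.", re.I)
# Approximation of a hostname label: letters, digits, inner hyphens, max 63 chars.
HOST_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")
# Simplified record shape (assumption): owner [ttl] [IN] PTR target, one per line.
PTR_LINE = re.compile(r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?PTR\s+(.+?)\s*$", re.I)

def split_labels(name):
    """Split a master-file name on unescaped dots, keeping backslash escapes."""
    labels, cur, i = [], "", 0
    while i < len(name):
        if name[i] == "\\" and i + 1 < len(name):
            cur, i = cur + name[i:i + 2], i + 2
        elif name[i] == ".":
            labels.append(cur)
            cur, i = "", i + 1
        else:
            cur, i = cur + name[i], i + 1
    return labels + [cur] if cur else labels

def is_hostname(name):
    labels = split_labels(name)
    return bool(labels) and all(HOST_LABEL.match(label) for label in labels)

def lint_reverse_zone(zone_text):
    """Return (line_no, owner, target) for PTR targets that are not hostnames,
    skipping DNS-SD enumeration owners, whose targets may be rich text."""
    findings = []
    for line_no, line in enumerate(zone_text.splitlines(), 1):
        m = PTR_LINE.match(line)
        if not m or DNSSD_ENUM.match(m.group(1)):
            continue
        if not is_hostname(m.group(2)):
            findings.append((line_no, m.group(1), m.group(2)))
    return findings

# Constructed sample zone content, not taken from the asker's zone file.
SAMPLE_ZONE = r"""
lb._dns-sd._udp.0.0.168.192.in-addr.arpa. PTR Building\ 2\,\ 1st\ Floor.example.com.
34.0.168.192.in-addr.arpa. PTR printer.example.com.
35.0.168.192.in-addr.arpa. PTR bad_host\ name.example.com.
"""

if __name__ == "__main__":
    for finding in lint_reverse_zone(SAMPLE_ZONE):
        print("non-hostname PTR target at line %d: %s -> %s" % finding)
```

Run against the zone file before reloading named, this flags only the third sample record; the rich-text lb record passes because its owner name is a domain-enumeration name.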