[Bug 1090593] Re: D.ROOT-SERVERS.NET changing January 3rd 2013
Robie Basak
1090593 at bugs.launchpad.net
Wed Jan 30 19:32:48 UTC 2013
** Description changed:
+ [Impact]
+
+ named may use the wrong server for D.ROOT-SERVERS.NET on startup, as the
+ IP address is changing. This will cause a startup delay as it times out
+ and bootstraps from another root server instead. In the worst case, a
+ malicious actor on the old IP could subvert DNS.
+
+ From the other direction, we should not cause unnecessary load on an IP
+ address that is no longer a root server.
+
+ [Test Case]
+
+ It isn't really possible to effectively test this change, since named
+ will automatically use any available root server.
+
+ It will suffice just to check that an updated installation of bind9 does
+ not have the old entry of 199.7.91.13 for D-ROOT-SERVERS.NET in
+ /etc/bind/db.root, does have the new entry of 128.8.10.90 for it, and
+ that "dig www.ubuntu.com a @localhost" still works.
+
+ [Regression Potential]
+
+ We are changing the root hints file so we should check that named still
+ bootstraps, which I've included in the test case.
+
+ [Original Description]
+
Currently we have:
/etc/bind/db.root:D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
The new IPv4 address for this authority is 199.7.91.13
The current IPv6 address for this authority is 2001:500:2d::d and it
will continue to remain unchanged.
See http://d.root-servers.org/
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/1090593
Title:
D.ROOT-SERVERS.NET changing January 3rd 2013
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1090593/+subscriptions
More information about the Ubuntu-server-bugs
mailing list