[Bug 1090593] [NEW] D.ROOT-SERVERS.NET changing January 3rd 2013

Launchpad Bug Tracker 1090593 at bugs.launchpad.net
Thu Jan 31 11:47:37 UTC 2013 

You have been subscribed to a public bug by Robie Basak (racb):

[Impact]

named may use the wrong server for D.ROOT-SERVERS.NET on startup, as the
IP address is changing. This will cause a startup delay as it times out
and bootstraps from another root server instead. In the worst case, a
malicious actor on the old IP could subvert DNS.

>From the other direction, we should not cause unnecessary load on an IP
address that is no longer a root server.

[Test Case]

It isn't really possible to effectively test this change, since named
will automatically use any available root server.

It will suffice just to check that an updated installation of bind9 does
not have the old entry of 199.7.91.13 for D-ROOT-SERVERS.NET in
/etc/bind/db.root, does have the new entry of 128.8.10.90 for it, and
that "dig www.ubuntu.com a @localhost" still works.

[Regression Potential]

We are changing the root hints file so we should check that named still
bootstraps, which I've included in the test case.

[Original Description]

Currently we have:
/etc/bind/db.root:D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90

The new IPv4 address for this authority is 199.7.91.13

The current IPv6 address for this authority is 2001:500:2d::d and it
will continue to remain unchanged.

See http://d.root-servers.org/

** Affects: bind9 (Ubuntu)
     Importance: Medium
         Status: Fix Released

** Affects: bind9 (Ubuntu Lucid)
     Importance: Undecided
         Status: New

** Affects: bind9 (Ubuntu Oneiric)
     Importance: Undecided
         Status: New

** Affects: bind9 (Ubuntu Precise)
     Importance: Undecided
         Status: New

** Affects: bind9 (Ubuntu Quantal)
     Importance: Undecided
         Status: New

** Affects: bind9 (Ubuntu Raring)
     Importance: Medium
         Status: Fix Released

-- 
 D.ROOT-SERVERS.NET changing January 3rd 2013
https://bugs.launchpad.net/bugs/1090593
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.

More information about the Ubuntu-sponsors mailing list