[Bug 1090593] Re: D.ROOT-SERVERS.NET changing January 3rd 2013

Robie Basak 1090593 at bugs.launchpad.net
Thu Jan 31 11:49:19 UTC 2013 

** Patch added: "quantal.debdiff"
   https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1090593/+attachment/3508779/+files/quantal.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1090593

Title:
   D.ROOT-SERVERS.NET changing January 3rd 2013

Status in “bind9” package in Ubuntu:
  Fix Released
Status in “bind9” source package in Lucid:
  New
Status in “bind9” source package in Oneiric:
  New
Status in “bind9” source package in Precise:
  New
Status in “bind9” source package in Quantal:
  New
Status in “bind9” source package in Raring:
  Fix Released

Bug description:
  [Impact]

  named may use the wrong server for D.ROOT-SERVERS.NET on startup, as
  the IP address is changing. This will cause a startup delay as it
  times out and bootstraps from another root server instead. In the
  worst case, a malicious actor on the old IP could subvert DNS.

  From the other direction, we should not cause unnecessary load on an
  IP address that is no longer a root server.

  [Test Case]

  It isn't really possible to effectively test this change, since named
  will automatically use any available root server.

  It will suffice just to check that an updated installation of bind9
  does not have the old entry of 199.7.91.13 for D-ROOT-SERVERS.NET in
  /etc/bind/db.root, does have the new entry of 128.8.10.90 for it, and
  that "dig www.ubuntu.com a @localhost" still works.

  [Regression Potential]

  We are changing the root hints file so we should check that named
  still bootstraps, which I've included in the test case.

  [Original Description]

  Currently we have:
  /etc/bind/db.root:D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90

  The new IPv4 address for this authority is 199.7.91.13

  The current IPv6 address for this authority is 2001:500:2d::d and it
  will continue to remain unchanged.

  See http://d.root-servers.org/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1090593/+subscriptions

More information about the Ubuntu-sponsors mailing list