First Last Prev Next    This bug is not in your last search results.
Bug 43590 - /etc/bind/db.root is partially outdated
/etc/bind/db.root is partially outdated
Status: REOPENED
Product: UCS
Classification: Unclassified
Component: DNS
UCS 4.4
Other Linux
: P5 normal (vote)
: ---
Assigned To: UCS maintainers
UCS maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-02-20 14:06 CET by Dirk Ahrnke
Modified: 2021-10-26 10:38 CEST (History)
3 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 1: Cosmetic issue or missing function but workaround exists
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 1: Nuisance – not a big deal but noticeable
User Pain: 0.006
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2021100521000303
Bug group (optional): Workaround is available
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dirk Ahrnke 2017-02-20 14:06:28 CET 
The latest available bind9 package (4.1-4-errata/amd64/bind9_9.8.4.dfsg.P1-6+nmu2.126.201702061148_amd64.deb) contains a /etc/bind/db.root which is more than 4 years old and differs partially from named.cache available from ftp://ftp.internic.net/domain/
Comment 1 Arvid Requate univentionstaff 2017-02-20 15:13:22 CET 
Any issues arising from that?
Comment 2 Dirk Ahrnke 2017-02-20 16:05:53 CET 
I am not sure if there are problems.
There was one anecdotal report in http://forum.univention.de/viewtopic.php?f=48&t=6498.

Beside some upper/lower case differences for IPv6-addresses and additional IPv6 addresses there is one mentionable thing:

< H.ROOT-SERVERS.NET.      3600000      A     198.97.190.53
< H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::53
---
> H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
> H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::803F:235
Comment 4 Philipp Hahn univentionstaff 2018-03-09 11:48:57 CET 
Still valid with UCS-4.3: 2016-02-17+01 << 2018-03-07+01
Comment 5 Stefan Gohmann univentionstaff 2019-01-03 07:22:50 CET 
This issue has been filled against UCS 4.1. The maintenance with bug and security fixes for UCS 4.1 has ended on 5st of April 2018.

Customers still on UCS 4.1 are encouraged to update to UCS 4.3. Please contact
your partner or Univention for any questions.

If this issue still occurs in newer UCS versions, please use "Clone this bug" or simply reopen the issue. In this case please provide detailed information on how this issue is affecting you.
Comment 6 Mário Santiago univentionstaff 2021-10-26 09:36:01 CEST 
On a Univention Corporate Server 4.4-8 errata1019 (Blumenthal) The Client reports:

"..on the UCS system 4.4-8 / 1019 there is an incorrect /etc/bind/db.root
which among other things causes these messages to show up in the logs:
checkhints: b.root-servers.net/A (192.228.79.201) extra record in hints
and
checkhints: b.root-servers.net/A (199.9.14.201) missing from hints

apart from the fact that requests are still mistakenly made to the old b.root-server.."

Asking for /etc/bind/db.root, he delivers the following information:

This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/named.cache
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
; last update: February 17, 2016
; related version of root zone: 2016021701


See full file here:
https://pastebin.knut.univention.de/3kR4wuTw#db.root%2520
Comment 7 Philipp Hahn univentionstaff 2021-10-26 10:38:03 CEST 
This is mostly cosmetic.

You can easily fix it by doing
> wget -O/etc/bind/db.root https://www.internic.net/domain/named.root

UCS-4.4 is based on Debian-9-Stretch, which is old²stable and will probably not receive updates. So don't wait for any work here; this bug will probably be just closed again as WONTFIX in some years.
First Last Prev Next    This bug is not in your last search results.