** Description changed: + [Impact] + + named may use the wrong server for D.ROOT-SERVERS.NET on startup, as the + IP address is changing. This will cause a startup delay as it times out + and bootstraps from another root server instead. In the worst case, a + malicious actor on the old IP could subvert DNS. + + From the other direction, we should not cause unnecessary load on an IP + address that is no longer a root server. + + [Test Case] + + It isn't really possible to effectively test this change, since named + will automatically use any available root server. + + It will suffice just to check that an updated installation of bind9 does + not have the old entry of 199.7.91.13 for D-ROOT-SERVERS.NET in + /etc/bind/db.root, does have the new entry of 128.8.10.90 for it, and + that "dig www.ubuntu.com a @localhost" still works. + + [Regression Potential] + + We are changing the root hints file so we should check that named still + bootstraps, which I've included in the test case. + + [Original Description] + Currently we have: /etc/bind/db.root:D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 The new IPv4 address for this authority is 199.7.91.13 The current IPv6 address for this authority is 2001:500:2d::d and it will continue to remain unchanged. See http://d.root-servers.org/
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in Ubuntu. https://bugs.launchpad.net/bugs/1090593 Title: D.ROOT-SERVERS.NET changing January 3rd 2013 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1090593/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs