diff --context --recurs m:\bind495p1/CHANGES m:\bind/CHANGES
*** m:\bind495p1/CHANGES	Tue Dec 03 19:52:51 1996
--- m:\bind/CHANGES	Wed Dec 18 23:12:07 1996
***************
*** 1,6 ****
! $Id: CHANGES,v 8.48 1996/11/11 06:36:40 vixie Exp $
! 
! 	--- 4.9.5-p1 released ---
  
  773. [bug]	syslog was being given an unprotected string to format from.
  
--- 1,12 ----
! $Id: CHANGES,v 8.52 1996/12/18 04:09:41 vixie Exp $
! 
! 	--- 4.9.5-p1 released ---
! 
! 776. [doc]	doc/misc/FAQ.* updated by its author.
! 
! 775. [bug]	KEY RRs were not allowed to default fields per [DNSSEC].
! 
! 774. [bug]	nslookup was overflowing yet another internal data structure.
  
  773. [bug]	syslog was being given an unprotected string to format from.
  
diff --context --recurs m:\bind495p1/Makefile m:\bind/Makefile
*** m:\bind495p1/Makefile	Tue Dec 03 19:52:56 1996
--- m:\bind/Makefile	Wed Dec 18 23:12:07 1996
***************
*** 1,7 ****
  # Makefile for BIND>=4.9 top level
  # vixie@decwrl December, 1992 [original]
  #
! # $Id: Makefile,v 8.47 1996/11/11 06:36:40 vixie Exp $
  
  ## ++Copyright++ 1989
  ## -
--- 1,7 ----
  # Makefile for BIND>=4.9 top level
  # vixie@decwrl December, 1992 [original]
  #
! # $Id: Makefile,v 8.48 1996/11/26 10:11:13 vixie Exp $
  
  ## ++Copyright++ 1989
  ## -
Only in m:\bind495: bind-4.9.5-P1.tar
Only in m:\bind495p1: bind-4.9.5-REL.tar.gz
diff --context --recurs m:\bind495p1/conf/portability.h m:\bind/conf/portability.h
*** m:\bind495p1/conf/portability.h	Mon Dec 02 21:41:13 1996
--- m:\bind/conf/portability.h	Wed Dec 18 23:12:04 1996
***************
*** 1,7 ****
  /* portability.h - include or define things that aren't present on all systems
   * vixie@decwrl 26dec92 [new]
   *
!  * $Id: portability.h,v 8.19 1996/09/22 00:12:50 vixie Exp $
   */
  
  /*
--- 1,7 ----
  /* portability.h - include or define things that aren't present on all systems
   * vixie@decwrl 26dec92 [new]
   *
!  * $Id: portability.h,v 8.20 1996/11/26 10:11:16 vixie Exp $
   */
  
  /*
diff --context --recurs m:\bind495p1/contrib/host/RELEASE_NOTES m:\bind/contrib/host/RELEASE_NOTES
*** m:\bind495p1/contrib/host/RELEASE_NOTES	Sat Oct 12 22:14:40 1996
--- m:\bind/contrib/host/RELEASE_NOTES	Wed Nov 13 17:50:02 1996
***************
*** 1,14 ****
! 	@(#)RELEASE_NOTES       e07@nikhef.nl (Eric Wassenaar) 961013
! 
! yymmdd		Description of changes per release
! TODO		Things that still need to be done
! WISHLIST	Wishes expressed by various people
! NOTES		Important issues to keep in mind
! MISC		Miscellaneous reminders
! 
  # ----------------------------------------------------------------------
! # Description of changes per release
  # ----------------------------------------------------------------------
  
  961013
  	Configurable defaults.
--- 1,23 ----
! 	@(#)RELEASE_NOTES       e07@nikhef.nl (Eric Wassenaar) 961113
! 
! yymmdd		Description of changes per release
! TODO		Things that still need to be done
! WISHLIST	Wishes expressed by various people
! NOTES		Important issues to keep in mind
! MISC		Miscellaneous reminders
! 
  # ----------------------------------------------------------------------
! # Description of changes per release
  # ----------------------------------------------------------------------
+ 
+ 961113
+ 	Portability fix.
+ 		Trying to include <strings.h> was a bit over-ambitious
+ 		and caused confusion on some platforms.
+ 		On certain platforms PAGESIZE is not a constant, but
+ 		hides a sysconf() call. This precludes initialization
+ 		of static variables in malloc.c
+ 		There are no functional changes in this release.
  
  961013
  	Configurable defaults.
diff --context --recurs m:\bind495p1/contrib/host/defs.h m:\bind/contrib/host/defs.h
*** m:\bind495p1/contrib/host/defs.h	Fri Oct 11 22:03:35 1996
--- m:\bind/contrib/host/defs.h	Wed Nov 13 17:40:30 1996
***************
*** 1,16 ****
  /*
  ** Declaration of functions.
  **
! **	@(#)defs.h              e07@nikhef.nl (Eric Wassenaar) 961012
  */
  
  /*
! ** Internal modules of the host utility
! ** ------------------------------------
  */
! 	/* main.c */
  
! int main		PROTO((int, char **));
  void set_defaults	PROTO((char *, int, char **));
  int process_argv	PROTO((int, char **));
  int process_file	PROTO((FILE *));
--- 1,16 ----
  /*
  ** Declaration of functions.
  **
! **	@(#)defs.h              e07@nikhef.nl (Eric Wassenaar) 961113
  */
  
  /*
! ** Internal modules of the host utility
! ** ------------------------------------
  */
! 	/* main.c */
  
! int main		PROTO((int, char **));
  void set_defaults	PROTO((char *, int, char **));
  int process_argv	PROTO((int, char **));
  int process_file	PROTO((FILE *));
***************
*** 142,167 ****
  char *inet_ntoa		PROTO((struct in_addr));
  char *hostalias		PROTO((CONST char *));
  
! 	/* <strings.h> */
  
! #if defined(NO_STRINGS_H)
  
  char *index		PROTO((const char *, int));
  char *rindex		PROTO((const char *, int));
  
- #else
- #include <strings.h>
  #endif
  
  	/* <string.h> */
  
! #if defined(NO_STRING_H)
  
  char *strcpy		PROTO((char *, const char *));
  char *strncpy		PROTO((char *, const char *, siz_t));
  
- #else
- #include <string.h>
  #endif
  
  	/* <stdlib.h> */
--- 142,165 ----
  char *inet_ntoa		PROTO((struct in_addr));
  char *hostalias		PROTO((CONST char *));
  
! 	/* avoid <strings.h> */
  
! #if !defined(index)
  
  char *index		PROTO((const char *, int));
  char *rindex		PROTO((const char *, int));
  
  #endif
  
  	/* <string.h> */
  
! #if !defined(NO_STRING_H)
! #include <string.h>
! #else
  
  char *strcpy		PROTO((char *, const char *));
  char *strncpy		PROTO((char *, const char *, siz_t));
  
  #endif
  
  	/* <stdlib.h> */
***************
*** 181,186 ****
  
  	/* <unistd.h> */
  
! #if defined(__STDC__)
  #include <unistd.h>
  #endif
--- 179,184 ----
  
  	/* <unistd.h> */
  
! #if defined(__STDC__) && !defined(apollo)
  #include <unistd.h>
  #endif
diff --context --recurs m:\bind495p1/contrib/host/malloc.c m:\bind/contrib/host/malloc.c
*** m:\bind495p1/contrib/host/malloc.c	Sat Jun 01 12:58:10 1996
--- m:\bind/contrib/host/malloc.c	Sat Oct 19 12:50:57 1996
***************
*** 36,51 ****
   */
  
  #ifndef lint
! static char Version[] = "@(#)malloc.c	e07@nikhef.nl (Eric Wassenaar) 960601";
  #endif
  
! #if defined(apollo) && defined(lint)
! #define __attribute(x)
  #endif
! 
! #include <stdio.h>
! #include <errno.h>
! #include <sys/types.h>
  #include <sys/param.h>
  
  #ifdef lint
--- 36,51 ----
   */
  
  #ifndef lint
! static char Version[] = "@(#)malloc.c	e07@nikhef.nl (Eric Wassenaar) 961019";
  #endif
  
! #if defined(apollo) && defined(lint)
! #define __attribute(x)
  #endif
! 
! #include <stdio.h>
! #include <errno.h>
! #include <sys/types.h>
  #include <sys/param.h>
  
  #ifdef lint
***************
*** 648,654 ****
  siz_t size;				/* amount of memory to allocate */
  {   
  	register ptr_t *newbuf;		/* new block of user data */
! 	static siz_t align = PAGESIZE;	/* alignment on page boundary */
  
  	newbuf = memalign(align, size);
  	return(newbuf);
--- 648,654 ----
  siz_t size;				/* amount of memory to allocate */
  {   
  	register ptr_t *newbuf;		/* new block of user data */
! 	siz_t align = PAGESIZE;		/* alignment on page boundary */
  
  	newbuf = memalign(align, size);
  	return(newbuf);
diff --context --recurs m:\bind495p1/contrib/host/vers.c m:\bind/contrib/host/vers.c
*** m:\bind495p1/contrib/host/vers.c	Sat Oct 12 22:14:34 1996
--- m:\bind/contrib/host/vers.c	Wed Nov 13 17:50:12 1996
***************
*** 1,8 ****
  #ifndef lint
! static char Version[] = "@(#)vers.c	e07@nikhef.nl (Eric Wassenaar) 961013";
! #endif
! 
! char *version = "961013";
  
  #if defined(apollo)
  int h_errno = 0;
--- 1,8 ----
  #ifndef lint
! static char Version[] = "@(#)vers.c	e07@nikhef.nl (Eric Wassenaar) 961113";
! #endif
! 
! char *version = "961113";
  
  #if defined(apollo)
  int h_errno = 0;
diff --context --recurs m:\bind495p1/doc/bog/file.psf m:\bind/doc/bog/file.psf
*** m:\bind495p1/doc/bog/file.psf	Mon Nov 11 06:47:25 1996
--- m:\bind/doc/bog/file.psf	Wed Dec 18 04:12:52 1996
***************
*** 1,6 ****
  %!PS-Adobe-3.0
  %%Creator: groff version 1.10
! %%CreationDate: Sun Nov 10 22:47:25 1996
  %%DocumentNeededResources: font Times-Bold
  %%+ font Times-Italic
  %%+ font Times-Roman
--- 1,6 ----
  %!PS-Adobe-3.0
  %%Creator: groff version 1.10
! %%CreationDate: Tue Dec 17 20:12:52 1996
  %%DocumentNeededResources: font Times-Bold
  %%+ font Times-Italic
  %%+ font Times-Roman
diff --context --recurs m:\bind495p1/doc/misc/FAQ.1of2 m:\bind/doc/misc/FAQ.1of2
*** m:\bind495p1/doc/misc/FAQ.1of2	Mon Dec 02 21:40:19 1996
--- m:\bind/doc/misc/FAQ.1of2	Wed Dec 18 23:12:02 1996
***************
*** 1,382 ****
  Newsgroups: comp.protocols.tcp-ip.domains,comp.answers,news.answers
! Path: vixie!news1.digital.com!uunet!in1.uu.net!usc!rutgers!njitgw.njit.edu!hertz.njit.edu!cdp2582
! From: cdp@njit.edu (Chris Peckham)
! Subject: comp.protocols.tcp-ip.domains Frequently Asked Questions (FAQ) (Part 1 of 2)
! Message-ID: <cptd-faq-1-810621452@njit.edu>
! Followup-To: comp.protocols.tcp-ip.domains
! Originator: cdp2582@hertz.njit.edu
! Keywords: BIND,DOMAIN,DNS
! Sender: news@njit.edu
! Supersedes: <cptd-faq-1-807632375@njit.edu>
! Nntp-Posting-Host: hertz.njit.edu
! X-Posting-Frequency: posted on the 1st of each month
  Reply-To: domain-faq@njit.edu (comp.protocols.tcp-ip.domains FAQ comments)
  Organization: NJIT.EDU - New Jersey Institute of Technology, Newark, NJ, USA
! Date: Sat, 9 Sep 1995 04:37:47 GMT
  Approved: news-answers-request@MIT.EDU
! Expires: Sat 14 Oct 95 00:37:32 EDT
! Lines: 1319
! Xref: vixie comp.protocols.tcp-ip.domains:6018 comp.answers:13881 news.answers:49918
  
  Posted-By: auto-faq 3.1.1.2
  Archive-name: internet/tcp-ip/domains-faq/part1
! Revision: 1.6 1995/05/12 18:49:48
  
  
! This FAQ is edited and maintained by Chris Peckham, <cdp@njit.edu>. 
! The latest version may always be found for anonymous ftp from
  
!     ftp://rtfm.mit.edu/pub/usenet/news.answers/internet/tcp-ip/domains-faq
!     ftp://ftp.njit.edu/pub/dns/Comp.protocols.tcp-ip.domains.FAQ
  
! If you can contribute any answers for items in the TODO section, please do
! so by sending e-mail to domain-faq@njit.edu !  If you know of any items that 
! are not included and you feel that they should be,  send the relevant
! information to domain-faq@njit.edu.
! 
! 
! ------------------------------
! 
! Date: Fri May 12 14:41:47 EDT 1995
! Subject: Table of Contents
! 
! Table of Contents
! =================
! Part 1
! ------
!    0. TO DO
!    1. INTRODUCTION / MISCELLANEOUS
!       1.1  What is this newsgroup ?
!       1.2  More information
!       1.3  What is BIND and where is the latest version of BIND ?
!       1.4  How can I find the route between systems ?
!       1.5  Finding the hostname if you have the tcp-ip address
!       1.6  How to register a domain name
!       1.7  Change of Domain name
!       1.8  How memory and CPU does DNS use ?
!       1.9  Other things to consider when planning your servers  
!       1.10 Proper way to get NS and reverse IP records into DNS
!       1.11 How to get my address assign from NIC?
!       1.12 Is there a block of private IP addresses I can use?
!       1.13 Cache failed lookups
!       1.14 What does an NS record really do ?
!       1.15 DNS ports
!       1.16 Obtaining the latest cache file 
!    2. UTILITIES
!       2.1  Utilities to administer DNS zone files
!       2.2  DIG - Domain Internet Groper
!       2.3  DNS packet analyzer
!       2.4  host 
!       2.5  Programming with DNS
!       2.6  A source of information relating to DNS
!    3. DEFINITIONS
!       3.1  TCP/IP Host Naming Conventions
!       3.2  Slaves and servers with forwarders
!       3.3  When is a server authoritative?
!       3.4  Underscore in host-/domain names
!       3.5  Lame delegation
!       3.6  What does opt-class field do?
!       3.7  Top level domains
!       3.8  Classes of networks
!       3.9  What is CIDR ?
!       3.10 What is the rule for glue ?
! 
! Part 2
! ------
!    4. CONFIGURATION
!       4.1  Changing a Secondary server to a Primary
!       4.2  How do I subnet a Class B Address ?
!       4.3  Subnetted domain name service
!       4.4  Recommended format/style of DNS files
!       4.5  DNS on a system not connected to the Internet
!       4.6  Multiple Domain configuration
!       4.7  wildcard MX records
!       4.8  How to identify a wildcard MX record
!       4.9  Why are fully qualified domain names recommended ?
!       4.10 Distributing load using named
!       4.11 Order of returned records
!       4.12 resolv.conf 
!       4.13 Delegating authority 
!       4.14 DNS instead of NIS on a Sun OS 4.1.x system
!    5. PROBLEMS
!       5.1  No address for root server
!       5.2  Error - No Root Nameservers for Class XX
!       5.3  Bind 4.9.x and MX querying?
!       5.4  Some root nameservers don't know localhost
!       5.5  MX records and CNAMES and separate A records for MX targets
!       5.6  NS is a CNAME
!       5.7  Nameserver forgets own A record
!       5.8  General problems (core dumps !)
!       5.9  malloc and DECstations
!    6. ACKNOWLEDGEMENTS
! 
! ------------------------------
! 
! Date: Wed May  3 12:55:13 EDT 1995
! Subject: Q0 - TO DO list 
! 
! 
! * How to do an initial installation
! * How to change service providers (what happens)
! * Explain the difference between BIND (an implementation) and DNS (spec)
! * Expand the slave/forward section of Q 3.2
! * Add a definition of a "private domain" in discussion (or cut it out) 
! * mention mail-to-news gateways for newsgroup, mailing lists, anonymous
!   ftp, etc in what is newsgroup section
! * The evils of wildcard MX records
  
  
  
! -------------------------------
  
  Date: Thu Dec  1 11:08:28 EST 1994
- Subject: Q1.1 - What is this newsgroup ?
  
! comp.protocols.tcp-ip.domains is the usenet newsgroup for discussion
! on issues relating to the Domain Name System (DNS).
  
  This newsgroup is not for issues directly relating to IP routing and
  addressing.  Issues of that nature should be directed towards
  comp.protocols.tcp-ip.
  
  
! -------------------------------
  
  
! Date: Fri May 12 13:54:01 EDT 1995
! Subject: Q1.2 - More information
  
!    You can find more information concerning DNS in the following places:
!  
!    * The BOG (BIND Operations Guide) - in the BIND distribution
!    * The FAQ included with bind4.9.3 doc/misc/FAQ
!    * DNS and BIND by Albitz and Liu (an O'Reilly & Associates Nutshell 
!      handbook)
!    * A number of RFCs (920, 974, 1032, 1034, 1101, 1123, 1178, 1183, 1348,
!                        1535, 1536, 1537, 1591, 1706, 1712, 1713)
!    * The DNS Resource Directory (DNSRD) 
!          http://www.dns.net/dnsrd
!    * If you are having troubles relating to sendmail and DNS, you may wish to
!      refer to the USEnet newsgroup comp.mail.sendmail and/or the FAQ for that
!      newsgroup
!          ftp://rtfm.mit.edu/pub/usenet/news.answers/mail/sendmail-faq
!    * Information concerning some frequently asked questions relating to
!      the Internet (i.e., what is the InterNIC, what is an RFC, what is the
!      IETF, etc) may be found for anonymous ftp from
!          ftp://ds.internic.net/fyi/fyi4.txt
!      A version may also be obtained with the URL
!          gopher://ds.internic.net/00/fyi/fyi4.txt 
! 
! 
! -------------------------------
! 
! Date: Fri Aug  4 10:18:58 EDT 1995
! Subject: Q1.3 - What is BIND and where is the latest version of BIND ?
! 
! Q: What is BIND ?
! 
! A: From the BOG Introduction -
! 
!         The Berkeley Internet Name Domain (BIND)  implements
!    an  Internet  name  server  for the BSD operating system.
!    The BIND consists of  a  server  (or  ``daemon'')  and  a
!    resolver  library.   A  name  server is a network service
!    that enables clients to name  resources  or  objects  and
!    share this information with other objects in the network.
!    This in effect is a  distributed  data  base  system  for
!    objects  in a computer network.  BIND is fully integrated
!    into BSD (4.3 and later releases)  network  programs  for
!    use  in  storing  and  retrieving host names and address.
!    The system administrator can configure the system to  use
!    BIND  as  a replacement to the older host table lookup of
!    information in the network hosts  file  /etc/hosts.   The
!    default configuration for BSD uses BIND.
  
! Q: Where is the latest non-beta version of BIND ?
!  
! A: The latest non-beta version of BIND is version 4.9.2.  This can be
!    found for anonymous ftp from
!  
!          ftp://gatekeeper.dec.com/pub/misc/vixie/4.9.2-940221.tar.gz
!  
! Q: Where is the latest version of 4.9.3 located ?
  
! A: You can reference this URL:
!  
!         http://www.isc.org/isc/
!  
!    At this time, the latest version of 4.9.3 may be found for anonymous ftp 
!    from
!  
!         ftp://ftp.vix.com/pub/bind/testing/bind-4.9.3-BETA24.tar.gz
  
!    You will need GNU zip, Larry Wall's patch program (if there are any
!    patch files), and a C compiler to get BIND running from the above
!    mentioned source.
  
!    GNU zip is available for anonymous ftp from
  
!         ftp://prep.ai.mit.edu/pub/gnu/gzip-1.2.4.tar
  
!    patch is available for anonymous ftp from
  
!         ftp://prep.ai.mit.edu/pub/gnu/patch-2.1.tar.gz
  
! ------------------------------
  
! Date: Mon Jan  2 13:27:27 EST 1995
! Subject: Q1.4 - How can I find the route between systems
  
! Q: How can I find the path taken by packets between two systems/domains ?
!  
! A: Get the source of the 'traceroute' command, compile it and install
!    it on your system.  
  
!    One version of this program with additional functionality may be found
!    for anonymous ftp from
  
!        ftp://ftp.nikhef.nl/pub/network/traceroute.tar.Z
  
!    This package is mirrored at
  
!        ftp://ftp.njit.edu/pub/dns/nikhef/traceroute.tar.Z 
  
!    Another version may be found for anonymous ftp from
  
!        ftp://ftp.psc.edu/pub/net_tools/traceroute.tar
  
!  
! ------------------------------
  
  Date: Thu Dec  1 09:55:24 EST 1994
- Subject: Q1.5 - Finding the hostname if you have the tcp-ip address
  
! Q: Can someone tell me how can I find the name of the domain if I know the
!    tcp-ip address of the domain? Is there some kind of service for this?
!  
! A: For an address a.b.c.d you can always do:
!  
! % nslookup
! > set q=ptr
! > d.c.b.a.in-addr.arpa.
  
!    Most newer version of nslookup (since 4.8.3) will recognize an address, 
!    so you can just say:
  
! % nslookup a.b.c.d
!  
!    DiG will work like this also:
!  
! $ dig -x a.b.c.d
  
!    Host from the contrib/host from the bind distribution may also be used.
  
! -------------------------------
!  
! Date: Fri Apr 28 13:16:32 EDT 1995
! Subject: Q1.6 - How to register a domain name
  
! Q: I would like to register a domain.  How do I do this ?   Can a name be
!    reserved, or must we already have an IP address and be hooked up to the
!    Internet before obtaining a domain name?
!  
! A: You can talk to your Internet Service Provider (ISP).  They can submit 
!    the registration for you.  If you are not going to be directly
!    connected, they should be able to offer MX records for your domain
!    for mail delivery (so that mail sent to the new domain will be sent
!    to your "standard" account).   In the case where the registration is
!    done by the organization itself, it still makes the whole process
!    much easier if the ISP is approached for secondary servers _before_
!    the InterNIC is approached for registration.
!  
!    For information about making the registration yourself, look to the
!    InterNIC !
  
!         ftp://internic.net/templates/ 
!         gopher://rs.internic.net/
!         http://www.internic.net/infoguide.html
!         http://www.ripe.net
!  
!    You will need at least two domain name servers when you register your 
!    domain.  Many ISP's are willing to provide primary and/or secondary name 
!    service for their customers.
! 
!    Many times, registration of a domain name can be initiated by sending 
!    e-mail to the zone contact. You can obtain the contact in the 
!    SOA record for the country, or in a whois server:
  
           $ nslookup -type=SOA fr.
           origin = ns1.nic.fr
           mail addr = nic.nic.fr
           ...
!  
!    The mail address to contact in this case is 'nic@nic.fr' (you must 
!    substitute an '@' for the first dot in the mail addr field).
!  
!    An alternate method to obtain the e-mail address of the national NIC
!    is the 'whois' server at InterNIC.   
  
!    You may be requested to make your request to another email address or
!    using a certain information template/application.
  
  
! -------------------------------
  
  Date: Sun Nov 27 23:32:41 EST 1994
! Subject: Q1.7 - Change of Domain name
!  
! Q: We are preparing for a change of our domain name:
!         abc.foobar.com -> foobar.net
!  
!    What are the tricks and caveats we should be aware of ?
!  
! A: The forward zones are easy and there are a number of ways to do it.  
!    One way is the following:
!  
!    Have a single db file for the 2 domains, and have a single machine
!    be the primary server for both abc.foobar.com and foobar.net.
!  
!    To resolve the host foo in both domains, use a single zone file which
!    merely uses this for the host:
!  
  foo             IN      A       1.2.3.4
-  
-    Use a "@" wherever the domain would be used ie for the SOA:
  
  @               IN      SOA     (...
-  
-    Then use this pair of lines in your named.boot:
  
  primary         abc.foobar.com  db.foobar
  primary         foobar.net      db.foobar
-  
-    The reverse zones should either contain PTRs to both names,
-    or to whichever name you believe to be canonical currently.
  
! -------------------------------
  
! Date: Fri Apr 28 13:52:20 EDT 1995
! Subject: Q1.8 - How memory and CPU does DNS use ?
!  
! Q: How much memory and CPU does DNS use ?
  
! A: It can use quite a bit !  The main thing that BIND needs is memory.  
!    It uses very little CPU or network bandwidth.   The main 
!    considerations to keep in mind when planning are:
  
!         1) How many zones do you have and how large are they ?
!         2) How many clients do you expect to serve and how active are they ?
  
!    As an example, here is a snapshot of memory usage from CSIRO Division 
!    of Mathematics and Statistics, Australia
  
        Named takes several days to stabalize its memory usage.
   
        Our main server stabalises at ~10Mb. It takes about 3 days to
        reach this size from 6 M at startup. This is under Sun OS 4.1.3U1.
  
!    As another example, here is the configuration of ns.uu.net (from late 
!    1994):
  
        ns.uu.net only does nameservice.  It is running a version of BIND
        4.9.3 on a Sun Classic with 96 MB of RAM, 220 MB of swap (remember
--- 1,513 ----
  Newsgroups: comp.protocols.tcp-ip.domains,comp.answers,news.answers
! Path: vixie!news1.digital.com!su-news-hub1.bbnplanet.com!cpk-news-hub1.bbnplanet.com!news.bbnplanet.com!cam-news-hub1.bbnplanet.com!news.mathworks.com!news.kei.com!uhog.mit.edu!rutgers!njitgw.njit.edu!hertz.njit.edu!cdp2582
! From: cdp2582@hertz.njit.edu (Chris Peckham)
! Subject: comp.protocols.tcp-ip.domains Frequently Asked Questions (FAQ) (Part 1 of 2)
! Message-ID: <cptd-faq-1-849940949@njit.edu>
! Followup-To: comp.protocols.tcp-ip.domains
! Originator: cdp2582@hertz.njit.edu
! Keywords: BIND,DOMAIN,DNS
! Sender: news@njit.edu
! Supersedes: <cptd-faq-1-847336183@njit.edu>
! Nntp-Posting-Host: hertz.njit.edu
! X-Posting-Frequency: posted during the first week of each month
  Reply-To: domain-faq@njit.edu (comp.protocols.tcp-ip.domains FAQ comments)
  Organization: NJIT.EDU - New Jersey Institute of Technology, Newark, NJ, USA
! Date: Sat, 7 Dec 1996 06:42:36 GMT
  Approved: news-answers-request@MIT.EDU
! Expires: Sat 11 Jan 97 02:42:29 EDT
! Lines: 1582
! Xref: vixie comp.protocols.tcp-ip.domains:12904 comp.answers:22440 news.answers:85682
  
  Posted-By: auto-faq 3.1.1.2
  Archive-name: internet/tcp-ip/domains-faq/part1
! Revision: 1.14 1996/12/07 06:42:05
  
  
! Note that this posting has been split into two parts because of its size.
  
! $Id: FAQ.1of2,v 8.4 1996/12/18 04:09:47 vixie Exp $
  
! A new version of this document appears monthly.  If this copy is more
! than a month old it may be out of date.
! 
! This FAQ is edited and maintained by Chris Peckham, <cdp@pfmc.net>.  The
! most recently posted version may be found for anonymous ftp from
  
+ rtfm.mit.edu : /pub/usenet/news.answers/internet/tcp-ip/domains-faq
  
+ It is also available in HTML from
+ http://www.users.pfmc.net/~cdp/cptd-faq/.
  
! If you can contribute any answers for items in the TODO section, please do
! so by sending e-mail to <domain-faq@pfmc.net> !  If you know of any items
! that  are not included and you feel that they should be,  send the
! relevant information to <domain-faq@pfmc.net>.
! 
! ===============================================================================
! 
! Index
! 
!  Section 1.  TO DO / UPDATES
!  Q1.1        Contributions needed 
!  Q1.2        UPDATES / Changes since last posting 
! 
!  Section 2.  INTRODUCTION / MISCELLANEOUS
!  Q2.1        What is this newsgroup ?
!  Q2.2        More information
!  Q2.3        What is BIND  ?
!  Q2.4        What is the difference between BIND and DNS ?
!  Q2.5        Where is the latest version of BIND located ?
!  Q2.6        How can I find the path taken between two systems/domains ?
!  Q2.7        How do you find the hostname given the TCP-IP address ?
!  Q2.8        How do I register a domain ?
!  Q2.9        How can I change the IP address of our server ?
!  Q2.10       Issues when changing your domain name
!  Q2.11       How memory and CPU does DNS use ?
!  Q2.12       Other things to consider when planning your servers  
!  Q2.13       Proper way to get NS and reverse IP records into DNS
!  Q2.14       How do I get my address assigned from the NIC ?
!  Q2.15       Is there a block of private IP addresses I can use?
!  Q2.16       Does BIND cache negative answers (failed DNS lookups) ?
!  Q2.17       What does an NS record really do ?
!  Q2.18       DNS ports
!  Q2.19       What is the cache file 
!  Q2.20       Obtaining the latest cache file
!  Q2.21       Selecting a nameserver/root cache
!  Q2.22       InterNIC and domain names
! 
!  Section 3.  UTILITIES 
!  Q3.1        Utilities to administer DNS zone files
!  Q3.2        DIG - Domain Internet Groper
!  Q3.3        DNS packet analyser
!  Q3.4        host
!  Q3.5        How can I use DNS information in my program?
!  Q3.6        A source of information relating to DNS
! 
!  Section 4.  DEFINITIONS  
!  Q4.1        TCP/IP Host Naming Conventions
!  Q4.2        What are slaves and forwarders ?
!  Q4.3        When is a server authoritative?
!  Q4.4        My server does not consider itself authoritative !
!  Q4.5        NS records don't configure servers as authoritative ?
!  Q4.6        underscore in host-/domainnames
!  Q4.7        What is lame delegation ?
!  Q4.8        How can I see if the server is "lame" ?
!  Q4.9        What does opt-class field in a zone file do?
!  Q4.10       Top level domains
!  Q4.11       Classes of networks
!  Q4.12       What is CIDR ?
!  Q4.13       What is the rule for glue ?
! 
!  Section 5.  CONFIGURATION
!  Q5.1        Changing a Secondary server to a Primary server ?
!  Q5.2        Moving a Primary server to another server
!  Q5.3        How do I subnet a Class B Address ?
!  Q5.4        Subnetted domain name service
!  Q5.5        Recommended format/style of DNS files
!  Q5.6        DNS on a system not connected to the Internet
!  Q5.7        Multiple Domain configuration
!  Q5.8        wildcard MX records
!  Q5.9        How do you identify a wildcard MX record ?
!  Q5.10       Why are fully qualified domain names recommended ?
!  Q5.11       Distributing load using named
!  Q5.12       Order of returned records
!  Q5.13       resolv.conf
!  Q5.14       How do I delegate authority for sub-domains ?
!  Q5.15       DNS instead of NIS on a Sun OS 4.1.x system
!  Q5.16       Patches to add functionality to BIND 
!  Q5.17       How to serve multiple domains from one server
! 
!  Section 6.  PROBLEMS
!  Q6.1        No address for root server
!  Q6.2        Error - No Root Nameservers for Class XX
!  Q6.3        Bind 4.9.x and MX querying?
!  Q6.4        Do I need to define an A record for localhost ?
!  Q6.5        MX records, CNAMES and A records for MX targets
!  Q6.6        Can an NS record point to a CNAME ?
!  Q6.7        Nameserver forgets own A record
!  Q6.8        General problems (core dumps !)
!  Q6.9        malloc and DECstations
!  Q6.10       Can't resolve names without a "."
!  Q6.11       Err/TO errors being reported
!  Q6.12       Why does swapping kill BIND ?
! 
!  Section 7.  ACKNOWLEDGEMENTS
!  Q7.1        How is this FAQ generated ?
!  Q7.2        What formats are available ?
!  Q7.3        Contributors
! 
! ===============================================================================
! 
! Section 1.  TO DO / UPDATES
! 
!  Q1.1        Contributions needed 
!  Q1.2        UPDATES / Changes since last posting 
! 
! -----------------------------------------------------------------------------
! 
! Question 1.1.  Contributions needed
! 
! Date: Fri Dec  6 00:40:00 EST 1996
! 
! * Expand the slave/forward section
! 
! -----------------------------------------------------------------------------
! 
! Question 1.2.  UPDATES / Changes since last posting
! 
! Date: Fri Dec  6 00:40:00 EST 1996
! 
! * The FAQ is now maintained in BFNN (Bizzare format with No Name).  This
!   allows me to create ASCII, HTML, and GNU info (postscript coming soon)
!   from one source file.
! * References to 4.9.4 changed to 4.9.5.
! * memory/CPU usage question - removed uunet map reference.  Not there...
! * Minor edits of information and questions for new format.
! * How do I delegate authority for sub-domains ? - edited answer
! 
! ===============================================================================
! 
! Section 2.  INTRODUCTION / MISCELLANEOUS
! 
!  Q2.1        What is this newsgroup ?
!  Q2.2        More information
!  Q2.3        What is BIND  ?
!  Q2.4        What is the difference between BIND and DNS ?
!  Q2.5        Where is the latest version of BIND located ?
!  Q2.6        How can I find the path taken between two systems/domains ?
!  Q2.7        How do you find the hostname given the TCP-IP address ?
!  Q2.8        How do I register a domain ?
!  Q2.9        How can I change the IP address of our server ?
!  Q2.10       Issues when changing your domain name
!  Q2.11       How memory and CPU does DNS use ?
!  Q2.12       Other things to consider when planning your servers  
!  Q2.13       Proper way to get NS and reverse IP records into DNS
!  Q2.14       How do I get my address assigned from the NIC ?
!  Q2.15       Is there a block of private IP addresses I can use?
!  Q2.16       Does BIND cache negative answers (failed DNS lookups) ?
!  Q2.17       What does an NS record really do ?
!  Q2.18       DNS ports
!  Q2.19       What is the cache file 
!  Q2.20       Obtaining the latest cache file
!  Q2.21       Selecting a nameserver/root cache
!  Q2.22       InterNIC and domain names
! 
! -----------------------------------------------------------------------------
  
+ Question 2.1.  What is this newsgroup ?
+ 
  Date: Thu Dec  1 11:08:28 EST 1994
  
! comp.protocols.tcp-ip.domains is the usenet newsgroup for discussion on
! issues relating to the Domain Name System (DNS).
  
  This newsgroup is not for issues directly relating to IP routing and
  addressing.  Issues of that nature should be directed towards
  comp.protocols.tcp-ip.
  
+ -----------------------------------------------------------------------------
  
! Question 2.2.  More information
  
+ Date: Fri Dec  6 00:41:03 EST 1996
  
! You can find more information concerning DNS in the following places:
  
! * The BOG (BIND Operations Guide) - in the BIND distribution
! * The FAQ included with BIND 4.9.5 in doc/misc/FAQ
! * DNS and BIND by Albitz and Liu (an O'Reilly & Associates Nutshell
!   handbook)
! * A number of RFCs (920, 974, 1032, 1034, 1101, 1123, 1178, 1183, 1348,
!   1535, 1536, 1537, 1591, 1706, 1712, 1713, 1912, 1918)
! * The DNS Resources Directory (DNSRD) http://www.dns.net/dnsrd/
! * If you are having troubles relating to sendmail and DNS, you may wish to
!   refer to the USEnet newsgroup comp.mail.sendmail and/or the FAQ for that
!   newsgroup which may be found for anonymous ftp at rtfm.mit.edu :
!   /pub/usenet/news.answers/mail/sendmail-faq
! * Information concerning some frequently asked questions relating to the
!   Internet (i.e., what is the InterNIC, what is an RFC, what is the IETF,
!   etc) may be found for anonymous ftp from ds.internic.net : /fyi/fyi4.txt
!   A version may also be obtained with the URL
!   gopher://ds.internic.net/00/fyi/fyi4.txt.
! * Information on performing an initial installation of BIND may be found
!   using the DNS Resources Directory at
!   http://www.dns.net/dnsrd/docs/basic.txt
! * Three other USEnet newsgroups:
  
!   * comp.protocols.dns.bind
!   * comp.protocols.dns.ops
!   * comp.protocols.dns.std
  
! -----------------------------------------------------------------------------
  
! Question 2.3.  What is BIND  ?
  
! Date: Tue Sep 10 23:15:58 EDT 1996
  
! From the BOG Introduction -
  
! The Berkeley Internet Name Domain (BIND)  implements an  Internet name
! server  for the BSD operating system.  The BIND consists of  a server (or
! ``daemon'')  and  a resolver  library.   A  name server is a network
! service that enables clients to name  resources or  objects and share this
! information with other objects in the network.  This in effect is a
! distributed  data  base  system  for objects  in a computer network.  BIND
! is fully integrated into BSD (4.3 and later releases) network  programs
! for use  in  storing and  retrieving host names and address.  The system
! administrator can configure the system to  use BIND as  a replacement to
! the older host table lookup of information in the network hosts file
! /etc/hosts.   The default configuration for BSD uses BIND.
  
! -----------------------------------------------------------------------------
  
! Question 2.4.  What is the difference between BIND and DNS ?
  
! Date: Tue Sep 10 23:15:58 EDT 1996
  
! (text provided by Andras Salamon) DNS is the Domain Name System, a set of
! protocols for a distributed database that was originally designed to
! replace /etc/hosts files.  DNS is most commonly used by applications to
! translate domain names of hosts to IP addresses.  A client of the DNS is
! called a resolver; resolvers are typically located in the application
! layer of the networking software of each TCP/IP capable machine.  Users
! typically do not interact directly with the resolver.  Resolvers query the
! DNS by directing queries at name servers that contain parts of the
! distributed database that is accessed by using the DNS protocols.  In
! common usage, `the DNS' usually refers just to the data in the database.
  
! BIND (Berkeley Internet Name Domain) is an implementation of DNS, both
! server and client.  Development of BIND is funded by the Internet Software
! Consortium and is coordinated by Paul Vixie.  BIND has been ported to
! Windows NT and VMS, but is most often found on Unix.  BIND source code is
! freely available and very complex; most of the development on the DNS
! protocols is based on this code; and most Unix vendors ship BIND-derived
! DNS implementations.  As a result, the BIND name server is the most widely
! used name server on the Internet.  In common usage, `BIND' usually refers
! to the name server that is part of the BIND distribution, and sometimes to
! name servers in general (whether BIND-derived or not).
  
! -----------------------------------------------------------------------------
  
! Question 2.5.  Where is the latest version of BIND located ?
  
! Fri Dec  6 00:23:19 EST 1996
  
! This information may be found at http://www.vix.com/isc/bind.html
  
! At this time, BIND version of 4.9.5 may be found for anonymous ftp from
  
! ftp.vix.com : /pub/bind/release/4.9.5/bind-4.9.5-REL.tar.gz
! 
! Other sites that officially mirror the BIND distribution are
! 
! * bind.fit.qut.edu.au : /pub/bind
! * ftp.funet.fi : /pub/unix/tcpip/dns/bind
! * ftp.univ-lyon1.fr : /pub/mirrors/unix/bind
! * ftp.oleane.net : /pub/mirrors/unix/bind
! * ftp.ucr.ac.cr : /pub/Unix/dns/bind
! * ftp.luth.se : /pub/unix/dns/bind/beta
! 
! You may need GNU zip, Larry Wall's patch program (if there are any patch
! files), and a C compiler to get BIND running from the above mentioned
! source.
! 
! GNU zip is available for anonymous ftp from
! 
! prep.ai.mit.edu : /pub/gnu/gzip-1.2.4.tar
! 
! patch is available for anonymous ftp from
! 
! prep.ai.mit.edu : /pub/gnu/patch-2.1.tar.gz
! 
! A version of BIND for Windows NT is available for anonymous ftp from
! 
! ftp.vix.com : /pub/bind/release/4.9.5/contrib/ntdns495relbin.zip
  
+ and
+ 
+ ftp.vix.com : /pub/bind/release/4.9.5/contrib/ntbind495rel.zip
+ 
+ -----------------------------------------------------------------------------
+ 
+ Question 2.6.  How can I find the path taken between two systems/domains ?
+ 
+ Date: Fri Dec  6 00:10:31 EST 1996
+ 
+ On a Unix system, use traceroute.  If it is not available to you, you may
+ obtain the source source for 'traceroute', compile it and install it on
+ your system.
+ 
+ One version of this program with additional functionality may be found for
+ anonymous ftp from
+ 
+ ftp.nikhef.nl : /pub/network/traceroute.tar.Z
+ 
+ Another version may be found for anonymous ftp from
+ 
+ ftp.psc.edu : /pub/net_tools/traceroute.tar
+ 
+ -----------------------------------------------------------------------------
+ 
+ Question 2.7.  How do you find the hostname given the TCP-IP address ?
+ 
  Date: Thu Dec  1 09:55:24 EST 1994
  
! For an address a.b.c.d you can always do:
  
!          % nslookup
!          > set q=ptr
!          > d.c.b.a.in-addr.arpa.
  
! Most newer version of nslookup (since 4.8.3) will recognize an address, so
! you can just say:
  
!          % nslookup a.b.c.d
  
! DiG will work like this also:
  
!          % dig -x a.b.c.d
  
! host from the contrib/host from the bind distribution may also be used.
! 
! -----------------------------------------------------------------------------
! 
! Question 2.8.  How do I register a domain ?
! 
! Date: Wed Sep  4 23:59:42 EDT 1996
! 
! You can talk to your Internet Service Provider (ISP).  They can submit the
! registration for you.  If you are not going to be directly connected, they
! should be able to offer MX records for your domain for mail delivery (so
! that mail sent to the new domain will be sent to your "standard" account).
! In the case where the registration is done by the organization itself, it
! still makes the whole process much easier if the ISP is approached for
! secondary servers _before_ the InterNIC is approached for registration.
! 
! For information about making the registration yourself, look to the
! InterNIC  (or other similar organization).
! 
! * anonymout ftp from internic.net : /templates
! * gopher://rs.internic.net/
! * http://rs.internic.net/reg/reg-forms.html
! * http://www.ripe.net/
! 
! You will need at least two domain name servers when you register your
! domain.  Many ISP's are willing to provide primary and/or secondary name
! service for their customers.
! 
! Please note that the InterNIC is now charging a fee for domain names    in
! the "COM", "ORG", and "NET".  More information may be found from  the
! Internic at
! 
! http://rs.internic.net/domain-info/fee-policy.html
  
+ Many times, registration of a domain name can be initiated by sending
+ e-mail to the zone contact. You can obtain the contact in the  SOA record
+ for the country, or in a whois server:
+ 
           $ nslookup -type=SOA fr.
           origin = ns1.nic.fr
           mail addr = nic.nic.fr
           ...
! 
! The mail address to contact in this case is 'nic@nic.fr' (you must
! substitute an '@' for the first dot in the mail addr field).
  
! An alternate method to obtain the e-mail address of the national NIC is
! the 'whois' server at InterNIC.
  
+ You may be requested to make your request to another email address or
+ using a certain information template/application.
  
! -----------------------------------------------------------------------------
! 
! Question 2.9.  How can I change the IP address of our server ?
! 
! Date: Sun May  5 22:46:28 EDT 1996
! 
! (From Mark Andrews) Before the move.
! 
! * Ensure you are running a modern nameserver. BIND 4.9.3-REL + Patch1 is a
!   good choice.
! * Inform all your secondaries that you are going to change.  Have them
!   install both the current and new addresses in their named.boot's.
! * Drop the ttl of the A's associated with the nameserver to something
!   small (5 min is usually good).
! * Drop the refesh and retry times of the zone containing the  forward
!   records for the server.
! * Configure the new reverse zone before the move and make sure it is
!   operational.
! * On the day of the move add the new A record(s) for the server.  Don't
!   forget to have these added to parent domains. You will look like you are
!   multihomed with one interface dead.
! 
! Move the machine after gracefully terminating any other services it is
! offering. Then,
! 
! * Fixup the A's, ttl, refresh and retry counters.  (If you are running an
!   all server EDIT out all references to the old addresses in the cache
!   files).
! * Inform all the secondaries the move is complete.
! * Inform the parents of all zones you are primary of the new NS/A pairs
!   for the relevent zones.
! * Inform all the administators of zones you are secondaring that the
!   machine  has moved.
! * For good measure update the serial no for all zones you are primary for.
!   This will flush out old A's.
  
+ -----------------------------------------------------------------------------
+ 
+ Question 2.10.  Issues when changing your domain name
+ 
  Date: Sun Nov 27 23:32:41 EST 1994
! 
! If you are changing your domain name from abc.foobar.com to foobar.net,
! the forward zones are easy and there are a number of ways to do it.   One
! way is the following:
! 
! Have a single db file for the 2 domains, and have a single machine be the
! primary server for both abc.foobar.com and foobar.net.
! 
! To resolve the host foo in both domains, use a single zone file which
! merely uses this for the host:
! 
  foo             IN      A       1.2.3.4
  
+ Use a "@" wherever the domain would be used ie for the SOA:
+ 
  @               IN      SOA     (...
  
+ Then use this pair of lines in your named.boot:
+ 
  primary         abc.foobar.com  db.foobar
  primary         foobar.net      db.foobar
  
! The reverse zones should either contain PTRs to both names, or to
! whichever name you believe to be canonical currently.
  
! -----------------------------------------------------------------------------
  
! Question 2.11.  How memory and CPU does DNS use ?
  
! Date: Fri Dec  6 01:07:56 EST 1996
  
! It can use quite a bit !  The main thing that BIND needs is memory.   It
! uses very little CPU or network bandwidth.   The main  considerations to
! keep in mind when planning are:
  
+ * How many zones do you have and how large are they ?
+ * How many clients do you expect to serve and how active are they ?
+ 
+ As an example, here is a snapshot of memory usage from CSIRO Division  of
+ Mathematics and Statistics, Australia
+ 
        Named takes several days to stabalize its memory usage.
   
        Our main server stabalises at ~10Mb. It takes about 3 days to
        reach this size from 6 M at startup. This is under Sun OS 4.1.3U1.
  
! As another example, here is the configuration of ns.uu.net (from late
! 1994):
  
        ns.uu.net only does nameservice.  It is running a version of BIND
        4.9.3 on a Sun Classic with 96 MB of RAM, 220 MB of swap (remember
***************
*** 384,405 ****
        running Sun OS 4.1.3_U1.
  
        Joseph Malcolm, of Alternet, states that named generally hovers at 
!       5-10% of the CPU, except after a reload, when it eats it all.  He 
!       also states that if you are interested in the network connectivity 
!       around the system (ns.uu.net is located off of Falls-Church4), a 
!       PostScript map is available for anonymous ftp from
  
!          ftp://ftp.uu.net/uunet-info/alternet.map.ps
  
  
- -------------------------------
- 
  Date: Mon Jan  2 14:24:51 EST 1995
! Subject: Q1.9 - Other things to consider when planning your servers  
!  
!   When making the plans to set up your servers, you may want to also 
!   consider the following issues:
!  
          A) Server O/S limitations/capacities (which tend to be widely
             divergent from vendor to vendor)
          B) Client resolver behavior (even more widely divergent)
--- 515,531 ----
        running Sun OS 4.1.3_U1.
  
        Joseph Malcolm, of Alternet, states that named generally hovers at 
!       5-10% of the CPU, except after a reload, when it eats it all. 
  
! -----------------------------------------------------------------------------
  
+ Question 2.12.  Other things to consider when planning your servers
  
  Date: Mon Jan  2 14:24:51 EST 1995
! 
! When making the plans to set up your servers, you may want to also
! consider the following issues:
! 
          A) Server O/S limitations/capacities (which tend to be widely
             divergent from vendor to vendor)
          B) Client resolver behavior (even more widely divergent)
***************
*** 424,570 ****
    traffic among several machines strategically located, possibly larger ones,
    and/or subdividing your domain itself. There are many options, tradeoffs, 
    and DNS architectural paradigms from which to choose.
  
  
- ------------------------------
- 
  Date: Mon Jan  2 13:03:53 EST 1995
- Subject: Q1.10 - Proper way to get NS and reverse IP records into DNS
  
!  
! Q: Reverse domain registration is separate from forward domain registration.
!    How do I get it updated ?
!  
! A: Blocks of network addresses have been delegated by the InterNIC.  Check
!    if your network a.b.c.0 is in such a block by using nslookup:
  
     nslookup -type=soa c.b.a.in-addr.arpa.
     nslookup -type=soa b.a.in-addr.arpa.
     nslookup -type=soa a.in-addr.arpa.
  
!    One of the above should give you the information you are looking for
!    (the others will return with an error something like `*** No start of
!    authority (SOA) records available for ...')
!    This will give you the email address of the person to whom you should
!    address your change request.
!  
!    If none of these works, your network probably has not been delegated
!    by the InterNIC and you need to contact them directly.
  
!    CIDR has meant that the registration is delegated, but registration
!    of in-addr.arpa has always been separate from forward zones - and
!    for good reason - in that the forward and reverse zones may have
!    different policies, contents etc, may be served by a different set
!    of nameservers, and exist at different times (usually only at point
!    of creation).  There isn't a one-to-one mapping between the two, so
!    merging the registration would probably cause more problems than
!    people forgetting/not-knowing that they had to register in-addr.arpa
!    zones separately.  For example, there are organizations that have
!    hundreds of networks and two or more domains, with a sprinkling of
!    machines from each network in each of the domains.
  
!  
! -------------------------------
!  
! Date: Mon Jan  2 13:08:38 EST 1995
! Subject: Q1.11 - How to get my address assign from NIC ?
  
!  
! Q: Can anyone tell me how can I get the address from NIC?  How many subnets
!    will NIC give to me?
!  
! A: You should probably ask your Internet provider to give you an address.
!    These days, addresses are being distributed through the providers,
!    so that they can assign adjacent blocks of addresses to sites that
!    go through the same provider, to permit more efficient routing on
!    the backbones.
!  
!    Unless you have thousands of hosts, you probably won't be able to get a
!    class B these days.  Instead, you can get a series of class C networks.
!    Large requests will be queried, so be ready to provide a network plan if
!    you ask for more than 16 class C networks.
!  
!    If you can't do this through your Internet provider, you can look for a
!    subnet registration form on rs.internic.net.  See the answer in this FAQ
!    to the question "How to register a domain name" for a URL to these
!    forms.
!  
! -------------------------------
  
! Date: Mon Jan  2 13:12:01 EST 1995
! Subject: Q1.12 -Is there a block of private IP addresses I can use?
  
  
! Q: Is there a block of private IP addresses I can use?
!  
! A: This answer may be found in the FAQ for the newsgroup comp.dcom.sys.cisco
!    available for anonymous ftp from
  
!         ftp://rtfm.mit.edu/pub/usenet/comp.dcom.sys.cisco
  
!    There is a block of private IP addresses that you can use.  However 
!    whether you wish to do so is an issue of some debate.
!  
!    There are two RFCs which discuss this issue, and present opposing
!    views:
!  
! 1597 Address Allocation for Private Internets. Y. Rekhter, B.
!      Moskowitz, D. Karrenberg & G. de Groot. March 1994. (Format:
!      TXT=17430 bytes)
!  
! 1627 Network 10 Considered Harmful (Some Practices Shouldn't be
!      Codified). E. Lear, E. Fair, D. Crocker & T. Kessler. June 1994.
!      (Format: TXT=18823 bytes)
!  
!    Neither one of these RFCs is anything more than a set of informational
!    guidelines; they are *not* words to live by (remember that RFC stands
!    for Request For Comments). If you're seriously considering using
!    private IP addresses, please read them both.
!  
!    In any event, RFC 1597 documents the allocation of the following
!    addresses for use by ``private internets'':
   
          10.0.0.0        -   10.255.255.255
          172.16.0.0      -   172.31.255.255
          192.168.0.0     -   192.168.255.255
-  
-    Most importantly, it is vital that nothing using these addresses
-    should ever connect to the global Internet, or have plans to do so.
-    Please read the above RFCs before considering implementing such
-    a policy.
  
  
! -------------------------------
  
  Date: Mon Jan  2 13:55:50 EST 1995
- Subject: Q1.13 - Cache failed lookups
  
! Q: Does BIND cache negative answers (failed DNS lookups) ?
  
! A: Yes, BIND 4.9.3 will cache negative answers.
  
!  
! -------------------------------
  
! Date: Fri Feb 10 15:35:07 EST 1995
! Subject: Q1.14 - What does an NS record really do ?
  
! Q: What does a NS record really do ?
  
! A: The NS records in your zone data file pointing to the zone's name 
!    servers (as opposed to the servers of delegated subdomains) don't do 
!    much.  They're essentially unused, though they are returned in the 
!    authority section of reply packets from your name servers.
  
! -------------------------------
  
! Date: Fri Feb 10 15:40:10 EST 1995
! Subject: Q1.15 - DNS ports
  
! Q: Does anyone out there have any information/experience on exactly which 
!    TCP/UDP ports DNS uses to send and receive queries ?
  
! A: Use the following chart:
  
     Prot Src   Dst   Use
     udp  53    53    Queries between servers (eg, recursive queries)
--- 550,658 ----
    traffic among several machines strategically located, possibly larger ones,
    and/or subdividing your domain itself. There are many options, tradeoffs, 
    and DNS architectural paradigms from which to choose.
+ -----------------------------------------------------------------------------
  
+ Question 2.13.  Proper way to get NS and reverse IP records into DNS
  
  Date: Mon Jan  2 13:03:53 EST 1995
  
! Reverse domain registration is separate from forward domain registration.
! Blocks of network addresses have been delegated by the InterNIC.  Check if
! your network a.b.c.0 is in such a block by using nslookup:
  
     nslookup -type=soa c.b.a.in-addr.arpa.
     nslookup -type=soa b.a.in-addr.arpa.
     nslookup -type=soa a.in-addr.arpa.
  
! One of the above should give you the information you are looking for (the
! others will return with an error something like `*** No start of authority
! (SOA) records available for ...') This will give you the email address of
! the person to whom you should address your change request.
  
! If none of these works, your network probably has not been delegated by
! the InterNIC and you need to contact them directly.
  
! CIDR has meant that the registration is delegated, but registration of
! in-addr.arpa has always been separate from forward zones - and for good
! reason - in that the forward and reverse zones may have different
! policies, contents etc, may be served by a different set of nameservers,
! and exist at different times (usually only at point of creation).  There
! isn't a one-to-one mapping between the two, so merging the registration
! would probably cause more problems than people forgetting/not-knowing that
! they had to register in-addr.arpa zones separately.  For example, there
! are organizations that have hundreds of networks and two or more domains,
! with a sprinkling of machines from each network in each of the domains.
  
! -----------------------------------------------------------------------------
  
! Question 2.14.  How do I get my address assigned from the NIC ?
  
+ Date: Fri Dec  6 01:11:34 EST 1996
  
! You should probably ask your Internet provider to give you an address.
! These days, addresses are being distributed through the providers, so that
! they can assign adjacent blocks of addresses to sites that go through the
! same provider, to permit more efficient routing on the backbones.
  
! Unless you have thousands of hosts, you probably won't be able to get a
! class B these days.  Instead, you can get a series of class C networks.
! Large requests will be queried, so be ready to provide a network plan if
! you ask for more than 16 class C networks.
  
! If you can't do this through your Internet provider, you can look for a
! subnet registration form on rs.internic.net.  See the answer in this FAQ
! to the question "How do I register a domain" for a URL to these forms.
! 
! -----------------------------------------------------------------------------
! 
! Question 2.15.  Is there a block of private IP addresses I can use?
! 
! Date: Sun May  5 23:02:49 EDT 1996
! 
! Yes there is.  Please refer to RFC 1918:
! 
!    1918 Address Allocation for Private Internets. Y. Rekhter, B.
!         Moskowitz, D. Karrenberg, G. de Groot, & E. Lear. February 1996.
!         (Format: TXT=22270 bytes)
   
+ RFC 1918 documents the allocation of the following addresses for use by
+ ``private internets'':
+ 
          10.0.0.0        -   10.255.255.255
          172.16.0.0      -   172.31.255.255
          192.168.0.0     -   192.168.255.255
  
+ -----------------------------------------------------------------------------
  
! Question 2.16.  Does BIND cache negative answers (failed DNS lookups) ?
  
  Date: Mon Jan  2 13:55:50 EST 1995
  
! Yes, BIND 4.9.3 and more recent versions will cache negative answers.
  
! -----------------------------------------------------------------------------
  
! Question 2.17.  What does an NS record really do ?
  
! Date: Wed Sep  4 22:52:18 EDT 1996
  
! The NS records in your zone data file pointing to the zone's name  servers
! (as opposed to the servers of delegated subdomains) don't do  much.
! They're essentially unused, though they are returned in the  authority
! section of reply packets from your name servers.
  
! However, the NS records in the zone file of the parent domain are used to
! find the right servers to query for the zone in question.  These records
! are more important than the records in the zone itself.
  
! -----------------------------------------------------------------------------
  
! Question 2.18.  DNS ports
  
! Date: Fri Feb 10 15:40:10 EST 1995
  
! The following table shows what TCP/UDP ports DNS uses to send and  receive
! queries:
  
     Prot Src   Dst   Use
     udp  53    53    Queries between servers (eg, recursive queries)
***************
*** 579,619 ****
     Note: >1023 is for non-priv ports on Un*x clients. On other client 
           types, the limit may be more or less.
  
!    Another point to keep in mind when designing filters for DNS is that a
!    DNS server uses port 53 both as the source and destination for it's
!    queries.  So, a client queries an initial server from an unreserved
!    port number to UDP port 53.  If the server needs to query another
!    server to get the required info, it sends a UDP query to that server
!    with both source and destination ports set to 53.  The response is then
!    sent with the same src=53 dest=53 to the first server which then
!    responds to the original client from port 53 to the original source
!    port number.
!  
!    The point of all this is that putting in filters to only allow UDP
!    between a high port and port 53 will not work correctly, you must also
!    allow the port 53 to port 53 UDP to get through.
!  
!    Also, ALL versions of BIND use TCP for queries in some cases.  The
!    original query is tried using UDP.  If the response is longer than
!    the allocated buffer, the resolver will retry the query using a TCP
!    connection.  If you block access to TCP port 53 as suggested above,
!    you may find that some things don't work.
!  
!    Newer version of BIND allow you to configure a list of IP addresses
!    from which to allow zone transfers.  This mechanism can be used to
!    prevent people from outside downloading your entire namespace.
! 
  
! -------------------------------
  
  
! Date: Fri Apr 28 14:19:10 EDT 1995
! Subject: Q1.16 - Obtaining the latest cache file
  
! Q: What is the cache file and where can I obtain the latest version ? 
  
- A: From the "Name Server Operations Guide"
- 
        6.3.  Cache Initialization
   
           6.3.1.  root.cache
--- 667,703 ----
     Note: >1023 is for non-priv ports on Un*x clients. On other client 
           types, the limit may be more or less.
  
! Another point to keep in mind when designing filters for DNS is that a DNS
! server uses port 53 both as the source and destination for it's queries.
! So, a client queries an initial server from an unreserved port number to
! UDP port 53.  If the server needs to query another server to get the
! required info, it sends a UDP query to that server with both source and
! destination ports set to 53.  The response is then sent with the same
! src=53 dest=53 to the first server which then responds to the original
! client from port 53 to the original source port number.
! 
! The point of all this is that putting in filters to only allow UDP between
! a high port and port 53 will not work correctly, you must also allow the
! port 53 to port 53 UDP to get through.
! 
! Also, ALL versions of BIND use TCP for queries in some cases.  The
! original query is tried using UDP.  If the response is longer than the
! allocated buffer, the resolver will retry the query using a TCP
! connection.  If you block access to TCP port 53 as suggested above, you
! may find that some things don't work.
! 
! Newer version of BIND allow you to configure a list of IP addresses from
! which to allow zone transfers.  This mechanism can be used to prevent
! people from outside downloading your entire namespace.
  
! -----------------------------------------------------------------------------
  
+ Question 2.19.  What is the cache file
  
! Date: Fri Dec  6 01:15:22 EST 1996
  
! From the "Name Server Operations Guide"
  
        6.3.  Cache Initialization
   
           6.3.1.  root.cache
***************
*** 625,637 ****
              higher authorities.  The location of this  file  is
              specified  in  the  boot  file. ...
  
!    A copy of the comments in the file available from the InterNIC follow:
  
!       ;       This file holds the information on root name servers needed to
!       ;       initialize cache of Internet domain name servers 
!       ;       (e.g. reference this file in the "cache  .  <file>"
!       ;       configuration file of BIND domain name servers).
!       ;
        ;       This file is made available by InterNIC registration services
        ;       under anonymous FTP as
        ;           file                /domain/named.root
--- 709,735 ----
              higher authorities.  The location of this  file  is
              specified  in  the  boot  file. ...
  
! -----------------------------------------------------------------------------
! 
! Question 2.20.  Obtaining the latest cache file
! 
! Date: Fri Dec  6 01:15:22 EST 1996
! 
! If you have a version of dig running, you may obtain the information with
! the command
! 
!       dig @a.root-servers.net. . ns
! 
! A perl script to handle some possible problems when using this method
! from behind a firewall and that can also be used to periodically obtain
! the latest cache file was posted to comp.protocols.tcp-ip.domains  during
! early October, 1996.  It was posted with the subject "Keeping  db.cache
! current". It is available at
! http://www.users.pfmc.net/~cdp/cptd-faq/current_db_cache.txt.
  
! The latest cache file may also be obtained from the InterNIC via ftp  or
! gopher:
! 
        ;       This file is made available by InterNIC registration services
        ;       under anonymous FTP as
        ;           file                /domain/named.root
***************
*** 640,723 ****
        ;           under menu          InterNIC Registration Services (NSI)
        ;              submenu          InterNIC Registration Archives
        ;           file                named.root
-       ;
-       ;       last update:    Oct 5, 1994
-       ;       related version of root zone:   1994100500
-       ;
  
!    If you have a version of dig running, you may obtain the information with
!    the command
  
!       dig @ns.internic.net . ns
!  
  
! -------------------------------
  
  
! Date: Mon Jan  2 13:13:49 EST 1995
! Subject: Q2.1 - Utilities to administer DNS zone files
!  
! Q: I am wondering if there are utilities available to ease the 
!    administration of the zone files in the DNS.
!  
! A: There are a few.  Two common ones are h2n and makezones.  Both are perl
!    scripts.  h2n is used to convert host tables into zone data files.  It 
!    is available for anonymous ftp from 
  
!    ftp://ftp.uu.net/published/oreilly/nutshell/dnsbind/dns.tar.Z.
!  
!    makezones works from a single file that looks like a forward zone file,
!    with some additional syntax for special cases.  It is included in the 
!    current BIND distribution.  The newest version is always available for 
!    anonymous ftp from
  
!    ftp://ftp.cus.cam.ac.uk/pub/software/programs/DNS/makezones
!    
!    This package is mirrored at
  
!    ftp://ftp.njit.edu/pub/dns/cus.cam.ac/makezones
  
!    More information may be found using the DNS Resource Directory
  
!    http://www.dns.net/dnsrd
  
  
! -------------------------------
  
  Date: Thu Dec  1 11:09:11 EST 1994
- Subject: Q2.2 - DIG - Domain Internet Groper
-  
- Q: Where can I find the latest version of DIG ?
-  
- A: The latest and greatest, official, accept-no-substitutes version of DiG
-    is the one that comes with BIND.  Get the latest kit.
  
! -------------------------------
  
! Date: Mon May 15 12:57:42 EDT 1995
! Subject: Q2.3 -DNS packet analyser
  
! Q: I'm looking for a Ethernet packet analyser of public domain or standard
!    (like tcpdump, snoop, packetman) that is able to determine DNS data
!    field protocol
!  
! A: There is a free ethernet analyser called Ethload available for PC's 
!    running DOS. The latest filename is ETHLD104.ZIP. It understands lots 
!    of protocols including TCP/UDP. It'll look inside there and display 
!    DNS/BOOTP/ICMP packets etc. (Ed. note: something nice for someone to
!    add to tcpdump ;^) ).  Depending on the ethernet controller it's given 
!    it'll perform slightly differently. It handles NDIS/Novell/Packet 
!    drivers.  It works best with Novell's promiscuous mode drivers.  
!    A A SimTel mirror site should have the program available for anonymous
!    ftp.  As an example,
  
!       ftp://oak.oakland.edu/SimTel/msdos/lan/ethld104.zip
  
  
! -------------------------------
  
  Date: Sun Dec  4 21:15:38 EST 1994
- Subject: Q2.4 - host
  
  A section from the host man page:
  
--- 738,879 ----
        ;           under menu          InterNIC Registration Services (NSI)
        ;              submenu          InterNIC Registration Archives
        ;           file                named.root
  
! -----------------------------------------------------------------------------
  
! Question 2.21.  Selecting a nameserver/root cache
  
! Date: Mon Aug  5 22:54:11 EDT 1996
  
+ Exactly how is the a root server selected from the root cache? Does the
+ resolver attempt to pick the closest host or is it random or is it via
+ sortlist-type workings?  If the root server selected is not available (for
+ whatever reason), will the the query fail instead of attempting another
+ root server in the list ?
  
! Every recursive BIND name server (that is, one which is willing to go out
! and find something for you if you ask it something it doesn't know) will
! remember the measured round trip time to each server it sends queries to.
! If it has a choice of several servers for some domain (like "." for
! example) it will use the one whose measured RTT is lowest.
  
! Since the measured RTT of all NS RRs starts at zero (0), every one gets
! tried one time.  Once all have responded, all RTT's will be nonzero, and
! the "fastest server" will get all queries henceforth, until it slows down
! for some reason.
! 
! To promote dispersion and good recordkeeping, BIND will penalize the RTT
! by a little bit each time a server is reused, and it will penalize the RTT
! a _lot_ if it ever has to retransmit a query.  For a server to stay "#1",
! it has to keep on answering quickly and consistently.
! 
! Note that this is something BIND does that the DNS Specification does not
! mention at all.  So other servers, those not based on BIND, might behave
! very differently.
! 
! -----------------------------------------------------------------------------
! 
! Question 2.22.  InterNIC and domain names
! 
! Date: Sun Jun  2 11:23:49 EDT 1996
! 
! The current InterNIC policy on what to do if someone wants to use a domain
! name that is already in use may be found at
! 
! rs.internic.net : /policy/internic/internic-domain-4.txt
! 
! or
! 
! http://rs.internic.net/domain-info/internic-domain-4.html.
! 
! The following information was submitted by Carl Oppedahl
! <oppedahl@patents.com> :
! 
! If the jealous party happens to have a trademark registration, it is quite
! likely that the domain name owner will lose the domain name, even if they
! aren't infringing the trademark.  This presents a substantial risk of loss
! of a domain name on only 30 days' notice.  Anyone who is the manager of an
! Internet-connected site should be aware of this risk and should plan for
! it.
! 
! See "How do I protect myself from loss of my domain name?" at
! http://www.patents.com/weblaw.sht#domloss.
! 
! For an example of an ISP's battle to keep its domain name, see
! http://www.patents.com/nsi.sht.
! 
! A compendium of information on the subject may be found at
! http://www.law.georgetown.edu/lc/internic/domain1.html.
! 
! ===============================================================================
! 
! Section 3.  UTILITIES
  
!  Q3.1        Utilities to administer DNS zone files
!  Q3.2        DIG - Domain Internet Groper
!  Q3.3        DNS packet analyser
!  Q3.4        host
!  Q3.5        How can I use DNS information in my program?
!  Q3.6        A source of information relating to DNS
  
! -----------------------------------------------------------------------------
  
! Question 3.1.  Utilities to administer DNS zone files
  
! Date: Wed Sep  4 22:53:53 EDT 1996
  
+ There are a few utilities available to ease the administration of zone
+ files in the DNS.
  
! Two common ones are h2n and makezones.  Both are perl scripts.  h2n is
! used to convert host tables into zone data files.  It is available for
! anonymous ftp from
  
+ ftp.uu.net : /published/oreilly/nutshell/dnsbind/dns.tar.Z
+ 
+ makezones works from a single file that looks like a forward zone file,
+ with some additional syntax for special cases.  It is included in the
+ current BIND distribution.  The newest version is always available for
+ anonymous ftp from
+ 
+ ftp.cus.cam.ac.uk : /pub/software/programs/DNS/makezones
+ 
+ More information may be found using the DNS Resources Directory
+ 
+ http://www.dns.net/dnsrd/.
+ 
+ -----------------------------------------------------------------------------
+ 
+ Question 3.2.  DIG - Domain Internet Groper
+ 
  Date: Thu Dec  1 11:09:11 EST 1994
  
! The latest and greatest, official, accept-no-substitutes version of the
! Domain Internet Groper (DiG) is the one that comes with BIND.   Get the
! latest kit.
  
! -----------------------------------------------------------------------------
  
! Question 3.3.  DNS packet analyser
! 
! Date: Wed Sep  4 23:43:57 EDT 1996
! 
! There is a free ethernet analyser called Ethload available for PC's
! running DOS. The latest filename is ETHLD104.ZIP. It understands lots  of
! protocols including TCP/UDP. It'll look inside there and display
! DNS/BOOTP/ICMP packets etc. (Ed. note: something nice for someone to add
! to tcpdump ;^) ).  Depending on the ethernet controller it's given  it'll
! perform slightly differently. It handles NDIS/Novell/Packet  drivers.  It
! works best with Novell's promiscuous mode drivers.   A SimTel mirror site
! should have the program available for anonymous ftp.   One is
  
! ftp.coast.net : /SimTel/msdos/lan/ethld104.zip
  
+ -----------------------------------------------------------------------------
  
! Question 3.4.  host
  
  Date: Sun Dec  4 21:15:38 EST 1994
  
  A section from the host man page:
  
***************
*** 738,1026 ****
       numeric Internet addresses.
  
  'host' is compatible with both BIND 4.9 and BIND 4.8
!  
  'host' may be found in contrib/host in the BIND distribution.  The latest
  version always available for anonymous ftp from
  
!     ftp://ftp.nikhef.nl/pub/network/host.tar.Z
  
  It may also be found for anonymous ftp from
  
!     ftp://ftp.uu.net/networking/ip/dns/host.tar.Z
!  
! -------------------------------
  
  Date: Fri Feb 10 15:25:11 EST 1995
- Subject: Q2.5 - Programming with DNS
  
! Q:  How can I use DNS information in my program?
!  
! A:  It depends on precisely what you want to do:
!  
!     a) Consider whether you need to write a program at all.  It may well 
!        be easier to write a shell program (e.g. using awk or perl) to parse 
!        the output of dig, host or nslookup.
!  
!     b) If all you need is names and addresses, there will probably be 
!        system routines 'gethostbyname' and 'gethostbyaddr' to provide this
!        information.
!  
!     c) If you need more details, then there are system routines (res_query 
!        and res_search) to assist with making and sending DNS queries.  
!        However, these do not include a routine to parse the resulting answer 
!        (although routines to assist in this task are provided).  There is a 
!        separate library available that will take a DNS response and unpick 
!        it into its constituent parts, returning a C structure that can be 
!        used by the program.  The source for this library is available for
!        anonymous ftp from
  
!             ftp://hpux.csc.liv.ac.uk/hpux/Networking/Admin/resparse-*
  
  
! -------------------------------
  
  
! Date: Wed May  3 12:46:50 EDT 1995
! Subject: Q2.6 - A source of information relating to DNS
  
! Q: Where can I find utilities and tools to help me manage my zone files ?
  
! A: There are several tools available.  Please refer to the "tools" section
!    of the DNS resources directory:
  
!       http://www.dns.net/dnsrd/tools.html
  
  
! -------------------------------
  
  
! Date: Fri May 12 14:33:40 EDT 1995
! Subject: Q3.1 - TCP/IP Host Naming Conventions
  
! Q: Is a guide available relating to naming systems ?
  
! A: One guide/resource is RFC 1178, "Choosing a Name for Your Computer", 
!    which is available via anonymous FTP from 
  
!          ftp://ftp.internic.netrfc/rfc1178.txt
!  
!    RFCs (Request For Comments) are specifications and guidelines for how
!    many aspects of TCP/IP and the Internet (should) work.  Most RFCs are
!    fairly technical documents, and some have semantics that are hotly
!    contested in the newsgroups.  But a few, like RFC 1178, are actually
!    good to read for someone who's just starting along a TCP/IP path.
  
!  
! -------------------------------
  
  Date: Thu Dec  1 10:32:43 EST 1994
- Subject: Q3.2 - What are slaves and forwarders ?
  
! Q: What are slaves and forwarders ?
  
! A: "forwarders" is a list of NS records that are _prepended_ to a list
!    of NS records to query if the data is not available locally.  This
!    allows a rich cache of records to be built up at a centralized
!    location.  This is good for sites that have sporadic or very slow
!    connections to the Internet.  (demand dial-up, for example)  It's
!    also just a good idea for very large distributed sites to increase
!    the chance that you don't have to go off to the Internet to get an
!    IP address. (sometimes for addresses across the street!)
!  
!    "slave" modifies this to say to replace the list of NS records
!    with the forwarders entry, instead of prepending to it.  This is
!    for firewalled environments, where the nameserver can't directly
!    get out to the Internet at all.
! 
!    "slave" is meaningless (and invalid, in late-model BINDs) without
!    "forwarders".  "forwarders" is an entry in named.boot, and therefore
!    applies only to the nameserver (not to resolvers).
  
! -------------------------------
  
  Date: Mon Jan  2 13:15:13 EST 1995
- Subject: Q3.3 - When is a server authoritative?
- 
  
! Q: What criteria does a server use to determine if it is authoritative
!    for a domain?  
  
! A: In the case of BIND:
!         1) The server contains current data in files for the zone in 
!            question (Data must be current for secondaries, as defined 
!            in the SOA)
!         2) The server is told that it is authoritative for the zone, by
!            a 'primary' or 'secondary' keyword in /etc/named.boot.
!         3) The server does an error-free load of the zone.
  
! Q: I have set up a DNS where there is an SOA record for
!    the domain, but the server still does not consider itself
!    authoritative.  (I used nslookup and set server=the correct machine.)
!    It seems to me that something is not matching up somewhere.  I suspect
!    that this is because the service provider has not given us control
!    over the IP numbers in our own domain, and so while the machine listed
!    has an A record for an address, there is no corresponding PTR record.
  
! A: That's possible too, but is unrelated to the first question.
!    You need to be delegated a zone before outside people will start
!    talking to your server.  However, a server can still be authoritative
!    for a zone even though it hasn't been delegated authority (it's just 
!    that only the people who use that as their server will see the data).
!     
!    A server may consider itself non-authoritative even though it's a
!    primary if there is a syntax error in the zone (see point 3 above).
  
! Q: I always believe that it was the NS record that defined authoritative
!    servers.
  
! A: Nope, delegation is a separate issue from authoritativeness.  
!    You can still be authoritative, but not delegated.  (you can also be 
!    delegated, but not authoritative -- that's a "lame delegation")
  
! Q: We have had problems in the past from servers that were
!    authoritative (primary or secondary) but no NS, so other thought they
!    were not.  Some resolvers get very confused when they get non-
!    authoritative data from the primary server.
  
! A: Yes, that's a lame delegation.  That's not caused by what you said,
!    but rather by a server which is _not_ authoritative for a zone, yet
!    someone else (the parent) is saying that a server is authoritative
!    (via the NS records).
  
!    The set of NS records in the parent zone must be a subset of the
!    authoritative servers to avoid lame delegations.
  
  
! -------------------------------
  
! Date: Fri Apr 28 13:26:37 EDT 1995
! Subject: Q3.4 - underscore in host-/domainnames
  
  
! Q: I had a quick look on whether underscores are allowed in host- or 
!    domainnames.
  
          RFC 1033 allows them.
          RFC 1035 doesn't.
          RFC 1123 doesn't.
          dnswalk complains about them.
  
!    Which RFC is the final authority these days?
  
! A: Actually RFC 1035 deals with names of machines or names of
!    mail domains. i.e "_" is not permitted in a hostname or on the
!    RHS of the "@" in local@domain.
  
!    Underscore is permitted where ever the domain is NOT one of
!    these types of addresses.
  
!    In general the DNS mostly contains hostnames and mail domainnames.
!    This will change as new resource record types for authenticating DNS 
!    queries start to appear.
  
!    The latest version of 'host' checks for illegal characters in A/MX
!    record names and the NS/MX target names.
  
!    After saying all of that, remember that RFC 1123 is a Required Internet 
!    Standard (per RFC 1720), and RFC 1033 isn't.  Even 1035 isn't a required 
!    standard.  Therefore, RFC 1123 wins, no contest.
  
  
! -------------------------------
  
! Date: Fri Dec  2 15:03:56 EST 1994
! Subject: Q3.5 - Lame delegation
  
! Q: What is lame delegation ?
  
! A: Two things are required for a lame delegation:
!         1) A nameserver X is delegated as authoritative for a zone.
!         2) Nameserver X is not performing nameservice for that zone.
  
!    Try to think of a lame delegation as a long-term condition, brought
!    about by a misconfiguration somewhere.  Bryan Beecher's 1992 LISA
!    paper on lame delegations is good to read on this.  The problem
!    really lies in misconfigured nameservers, not "lameness" brought
!    about by transient outages.  The latter is common on the Internet
!    and hard to avoid, while the former is correctable.
  
!    In order to be performing nameservice for a zone, it must have
!    (presumed correct) data for that zone, and it must be answering
!    authoritatively to resolver queries for that zone.  (The AA bit is
!    set in the flags section)
  
!    The "classic" lame delegation case is when nameserver X is delegated
!    as authoritative for domain Y, yet when you ask Y about X, it
!    returns non-authoritative data.
  
!    Here's an example that shows what happens most often (using dig,
!    dnswalk, and doc to find).
  
!    Let's say the domain bogus.com gets registered at the NIC and they
!    have listed 2 primary name servers, both from their *upstream*
!    provider:
   
   bogus.com      IN      NS      ns.bogus.com
   bogus.com      IN      NS      upstream.com
   bogus.com      IN      NS      upstream1.com
  
!    So the root servers have this info.  But when the admins at
!    bogus.com actually set up their zone files they put something like:
!  
   bogus.com      IN      NS      upstream.com
   bogus.com      IN      NS      upstream1.com
  
!    So your name server may have the nameserver info cached (which it
!    may have gotten from the root).  The root says "go ask ns.bogus.com"
!    since they are authoritative
! 
!    This is usually from stuff being registered at the NIC (either
!    nic.ddn.mil or rs.internic.net), and then updated later, but the
!    folks who make the updates later never let the folks at the NIC know
!    about it.
! 
! Q: How can I see if the server is "lame" ?
! 
! A: Go to the authoritative servers one level up, and ask them who
!    they think is authoritative, and then go ask each one of those
!    delegees if they think that they themselves are authoritative.  If any
!    responds "no", then you know who the lame delegation is, and who is
!    delegating lamely to them.  You can then send off a message to the
!    administrators of the level above.
! 
!    The 'lamers' script from Byran Beecher really takes care of all this
!    for you.  It parses the lame delegation notices from BIND's syslog
!    and summarizes them for you.  It may be found in the contrib section
!    of the latest BIND distribution.  The latest version is available
!    for anonymous ftp from
  
!        ftp://terminator.cc.umich.edu/dns/lame-delegations/
  
     If you want to actively check for lame delegations, you can use 'doc'
!    and 'dnswalk'.   You can check things manually with 'dig'.
  
! -------------------------------
  
! Date: Thu Dec  1 11:10:39 EST 1994
! Subject: Q3.6 - What does opt-class field do?
  
! Q: Just something I was wondering about: What does the opt-class
!    field in an name database do (the one that always says IN)?
!    What would happen if I put something else there instead?
  
! A: This field is the address class.  From the BOG -
  
        ...is the address class; currently, only one class
        is supported: IN  for  internet  addresses  and  other
        internet information.  Limited support is included for
        the HS  class,  which  is  for  MIT/Athena  ``Hesiod''
        information.
! 
! -------------------------------
  
! Date: Fri Feb 10 14:49:54 EST 1995
! Subject: Q3.7 - Top level domains
  
  
  A section from RFC 1591:
  
--- 894,1262 ----
       numeric Internet addresses.
  
  'host' is compatible with both BIND 4.9 and BIND 4.8
! 
  'host' may be found in contrib/host in the BIND distribution.  The latest
  version always available for anonymous ftp from
  
! ftp.nikhef.nl : /pub/network/host.tar.Z
  
  It may also be found for anonymous ftp from
  
! ftp.uu.net : /networking/ip/dns/host.tar.Z
  
+ -----------------------------------------------------------------------------
+ 
+ Question 3.5.  How can I use DNS information in my program?
+ 
  Date: Fri Feb 10 15:25:11 EST 1995
  
! It depends on precisely what you want to do:
  
! * Consider whether you need to write a program at all.  It may well be
!   easier to write a shell program (e.g. using awk or perl) to parse the
!   output of dig, host or nslookup.
! * If all you need is names and addresses, there will probably be system
!   routines 'gethostbyname' and 'gethostbyaddr' to provide this
!   information.
! * If you need more details, then there are system routines (res_query and
!   res_search) to assist with making and sending DNS queries.  However,
!   these do not include a routine to parse the resulting answer (although
!   routines to assist in this task are provided).  There is a separate
!   library available that will take a DNS response and unpick it into its
!   constituent parts, returning a C structure that can be used by the
!   program.  The source for this library is available for anonymous ftp at
  
+   hpux.csc.liv.ac.uk : /hpux/Networking/Admin/resparse-1.2
  
! -----------------------------------------------------------------------------
  
+ Question 3.6.  A source of information relating to DNS
  
! Date: Tue Nov  5 23:42:21 EST 1996
  
! You may find utilities and tools to help you manage your zone files
! (including WWW front-ends) in the "tools" section of the DNS  resources
! directory:
  
! http://www.dns.net/dnsrd/tools.html
  
! There are also a number of IP management tools available.  Data
! Communications had an article on the subject in Sept/Oct of 1996.  The
! tools mentioned in the article and a few others may be found at the
! following sites:
  
+ * IP Address management, http://www.accugraph.com
+ * IP-Track, http://www.on.com
+ * NetID, http://www.isotro.com
+ * QIP, http://www.quadritek.com
+ * UName-It, http://www.esm.com
  
! ===============================================================================
  
+ Section 4.  DEFINITIONS
  
!  Q4.1        TCP/IP Host Naming Conventions
!  Q4.2        What are slaves and forwarders ?
!  Q4.3        When is a server authoritative?
!  Q4.4        My server does not consider itself authoritative !
!  Q4.5        NS records don't configure servers as authoritative ?
!  Q4.6        underscore in host-/domainnames
!  Q4.7        What is lame delegation ?
!  Q4.8        How can I see if the server is "lame" ?
!  Q4.9        What does opt-class field in a zone file do?
!  Q4.10       Top level domains
!  Q4.11       Classes of networks
!  Q4.12       What is CIDR ?
!  Q4.13       What is the rule for glue ?
  
! -----------------------------------------------------------------------------
  
! Question 4.1.  TCP/IP Host Naming Conventions
  
! Date: Mon Aug  5 22:49:46 EDT 1996
  
! One guide that may be used when naming hosts is RFC 1178, "Choosing a Name
! for Your Computer", which is available via anonymous FTP from
! 
! ftp.internic.net : /rfc/rfc1178.txt
! 
! RFCs (Request For Comments) are specifications and guidelines for how many
! aspects of TCP/IP and the Internet (should) work.  Most RFCs are fairly
! technical documents, and some have semantics that are hotly contested in
! the newsgroups.  But a few, like RFC 1178, are actually good to read for
! someone who's just starting along a TCP/IP path.
! 
! -----------------------------------------------------------------------------
  
+ Question 4.2.  What are slaves and forwarders ?
+ 
  Date: Thu Dec  1 10:32:43 EST 1994
  
! "forwarders" is a list of NS records that are _prepended_ to a list of NS
! records to query if the data is not available locally.  This allows a rich
! cache of records to be built up at a centralized location.  This is good
! for sites that have sporadic or very slow connections to the Internet.
! (demand dial-up, for example)  It's also just a good idea for very large
! distributed sites to increase the chance that you don't have to go off to
! the Internet to get an IP address. (sometimes for addresses across the
! street!)
! 
! "slave" modifies this to say to replace the list of NS records with the
! forwarders entry, instead of prepending to it.  This is for firewalled
! environments, where the nameserver can't directly get out to the Internet
! at all.
! 
! "slave" is meaningless (and invalid, in late-model BINDs) without
! "forwarders".  "forwarders" is an entry in named.boot, and therefore
! applies only to the nameserver (not to resolvers).
  
! -----------------------------------------------------------------------------
  
! Question 4.3.  When is a server authoritative?
  
  Date: Mon Jan  2 13:15:13 EST 1995
  
! In the case of BIND:
  
! * The server contains current data in files for the zone in question (Data
!   must be current for secondaries, as defined in the SOA)
! * The server is told that it is authoritative for the zone, by a 'primary'
!   or 'secondary' keyword in /etc/named.boot.
! * The server does an error-free load of the zone.
  
! -----------------------------------------------------------------------------
  
! Question 4.4.  My server does not consider itself authoritative !
  
! Date: Mon Jan  2 13:15:13 EST 1995
  
! The question was:
  
!   What if I have set up a DNS where there is an SOA record for
!   the domain, but the server still does not consider itself
!   authoritative.  (when using nslookup and set server=the correct machine.)
!   It seems that something is not matching up somewhere.  I suspect
!   that this is because the service provider has not given us control
!   over the IP numbers in our own domain, and so while the machine listed
!   has an A record for an address, there is no corresponding PTR record.
! With the answer:
  
!   That's possible too, but is unrelated to the first question.
!   You need to be delegated a zone before outside people will start
!   talking to your server.  However, a server can still be authoritative
!   for a zone even though it hasn't been delegated authority (it's just 
!   that only the people who use that as their server will see the data).
!     
!   A server may consider itself non-authoritative even though it's a
!   primary if there is a syntax error in the zone (see the list in the 
!   previous question).
! -----------------------------------------------------------------------------
  
! Question 4.5.  NS records don't configure servers as authoritative ?
  
+ Date: Fri Dec  6 16:13:34 EST 1996
  
! Nope, delegation is a separate issue from authoritativeness.  You can
! still be authoritative, but not delegated.  (you can also be  delegated,
! but not authoritative -- that's a "lame delegation")
  
! -----------------------------------------------------------------------------
  
+ Question 4.6.  underscore in host-/domainnames
  
! Date: Mon Aug  5 22:39:02 EDT 1996
  
+ The question is "Are underscores are allowed in host- or domainnames" ?
          RFC 1033 allows them.
          RFC 1035 doesn't.
          RFC 1123 doesn't.
          dnswalk complains about them.
  
! 
! Which RFC is the final authority these days?
  
! Actually RFC 1035 deals with names of machines or names of mail domains.
! i.e "_" is not permitted in a hostname or on the RHS of the "@" in
! local@domain.
  
! Underscore is permitted where ever the domain is NOT one of these types
! of addresses.
  
! In general the DNS mostly contains hostnames and mail domainnames.  This
! will change as new resource record types for authenticating DNS  queries
! start to appear.
  
! The latest version of 'host' checks for illegal characters in A/MX record
! names and the NS/MX target names.
  
! After saying all of that, remember that RFC 1123 is a Required Internet
! Standard (per RFC 1720), and RFC 1033 isn't.  Even  RFC 1035 isn't a
! required standard.  Therefore, RFC 1123 wins, no contest.
  
+ From RFC 1123, Section 2.1
  
!    2.1  Host Names and Numbers
  
!       The syntax of a legal Internet host name was specified in RFC-952
!       [DNS:4].  One aspect of host name syntax is hereby changed: the
!       restriction on the first character is relaxed to allow either a
!       letter or a digit.  Host software MUST support this more liberal
!       syntax.
  
!    And described by Dave Barr in RFC1912:
  
!       Allowable characters in a label for a host name are only ASCII
!       letters, digits, and the `-' character.  Labels may not be all
!       numbers, but may have a leading digit  (e.g., 3com.com).  Labels must
!       end and begin only with a letter or digit.  See [RFC 1035] and [RFC
!       1123].  (Labels were initially restricted in [RFC 1035] to start with
!       a letter, and some older hosts still reportedly have problems with
!       the relaxation in [RFC 1123].)  Note there are some Internet
!       hostnames which violate this rule (411.org, 1776.com).
  
! Finally, one more piece of information (From Paul Vixie):
  
!    RFC 1034 says only that domain names have characters in them, though it
!    says so with enough fancy and indirection that it's hard to tell exactly.
  
!    Generally, for second level domains (i.e., something you would get from
!    InterNIC or from the US Domain Registrar and probably other ISO 3166
!    country code TLDs), RFC 952 is thought to apply.  RFC 952 was about host
!    names rather than domain names, but the rules seemed good enough.
  
!         <domainname> ::= <hname>
  
!         <hname> ::= <name>*["."<name>]
!         <name>  ::= <let>[*[<let-or-digit-or-hyphen>]<let-or-digit>]
   
+ There has been a recent update on this subject which may be found in
+ 
+ ftp.internic.net : /internet-drafts/draft-andrews-dns-hostnames-03.txt.
+ 
+ -----------------------------------------------------------------------------
+ 
+ Question 4.7.  What is lame delegation ?
+ 
+ Date: Mon Aug  5 22:45:02 EDT 1996
+ 
+ Two things are required for a lame delegation:
+ 
+ * A nameserver X is delegated as authoritative for a zone.
+ * Nameserver X is not performing nameservice for that zone.
+ 
+ Try to think of a lame delegation as a long-term condition, brought about
+ by a misconfiguration somewhere.  Bryan Beecher's 1992 LISA paper on lame
+ delegations is good to read on this.  The problem really lies in
+ misconfigured nameservers, not "lameness" brought about by transient
+ outages.  The latter is common on the Internet and hard to avoid, while
+ the former is correctable.
+ 
+ In order to be performing nameservice for a zone, it must have (presumed
+ correct) data for that zone, and it must be answering authoritatively to
+ resolver queries for that zone.  (The AA bit is set in the flags section)
+ 
+ The "classic" lame delegation case is when nameserver X is delegated as
+ authoritative for domain Y, yet when you ask Y about X, it returns
+ non-authoritative data.
+ 
+ Here's an example that shows what happens most often (using dig, dnswalk,
+ and doc to find).
+ 
+ Let's say the domain bogus.com gets registered at the NIC and they have
+ listed 2 primary name servers, both from their *upstream* provider:
+ 
   bogus.com      IN      NS      ns.bogus.com
   bogus.com      IN      NS      upstream.com
   bogus.com      IN      NS      upstream1.com
  
! So the root servers have this info.  But when the admins at bogus.com
! actually set up their zone files they put something like:
! 
   bogus.com      IN      NS      upstream.com
   bogus.com      IN      NS      upstream1.com
  
! So your name server may have the nameserver info cached (which it may have
! gotten from the root).  The root says "go ask ns.bogus.com" since they are
! authoritative
! 
! This is usually from stuff being registered at the NIC (either nic.ddn.mil
! or rs.internic.net), and then updated later, but the folks who make the
! updates later never let the folks at the NIC know about it.
! 
! -----------------------------------------------------------------------------
! 
! Question 4.8.  How can I see if the server is "lame" ?
! 
! Date: Mon Aug  5 22:45:02 EDT 1996
  
! Go to the authoritative servers one level up, and ask them who they think
! is authoritative, and then go ask each one of those delegees if they think
! that they themselves are authoritative.  If any responds "no", then you
! know who the lame delegation is, and who is delegating lamely to them.
! You can then send off a message to the administrators of the level above.
  
+ The 'lamers' script from Byran Beecher really takes care of all this for
+ you.  It parses the lame delegation notices from BIND's syslog and
+ summarizes them for you.  It may be found in the contrib section of the
+ latest BIND distribution.  The latest version is available for anonymous
+ ftp from
+ 
+ terminator.cc.umich.edu : /dns/lame-delegations/
+ 
     If you want to actively check for lame delegations, you can use 'doc'
! and 'dnswalk'.   You can check things manually with 'dig'.
  
! The InterNIC recently announced a new lame delegation that will be in
! effect on 01 October, 1996.  Here is a summary:
  
! * After receipt/processing of a name registration template, and at random
!   intervals thereafter, the InterNIC will perform a DNS query  via UDP
!   Port 53 on domain names for an SOA response for the name  being
!   registered.
! * If the query of the domain name returns a non-authoritative response
!   from all the listed name servers, the query will be repeated four times
!   over the next 30 days at random intervals approximately 7 days apart,
!   with notification to all listed whois and nameserver contacts of the
!   possible pending deletion.  If at least one server answers correctly,
!   but one or more are lame, FYI notifications will be sent to all contacts
!   and checking will be discontinued.  Additionally, e-mail notices will be
!   provided to the contact for the name servers holding the delegation to
!   alert them to the "lame" condition.  Notifications will state explicitly
!   the consequences of not correcting the "lame" condition and will be
!   assigned a descriptive subject as follows:
! 
!      Subject: Lame Delegation Notice: DOMAIN_NAME
! 
!   The notification will include a timestamp for when the query was
!   performed.
! * If, following 30 days, the name servers still provide no SOA response,
!   the name will be placed in a "hold" status and the DNS information will
!   no longer be propagated.  The administrative contact will be notified by
!   postal mail and all whois contacts will be notified by e-mail, with
!   instructions for taking corrective action.
! * Following 60 days in a "hold" status, the name will be deleted and made
!   available for reregistration.  Notification of the final deletion will
!   be sent to the name server and domain name contacts  listed in the NIC
!   database.
! 
! -----------------------------------------------------------------------------
  
! Question 4.9.  What does opt-class field in a zone file do?
  
! Date: Thu Dec  1 11:10:39 EST 1994
! 
! This field is the address class.  From the BOG -
  
        ...is the address class; currently, only one class
        is supported: IN  for  internet  addresses  and  other
        internet information.  Limited support is included for
        the HS  class,  which  is  for  MIT/Athena  ``Hesiod''
        information.
! -----------------------------------------------------------------------------
  
! Question 4.10.  Top level domains
  
+ Date: Fri Dec  6 15:13:35 EST 1996
  
  A section from RFC 1591:
  
***************
*** 1033,1044 ****
     letter country codes from ISO-3166.  It is extremely unlikely that
     any other TLDs will be created.
  
! [ Ed note:  the ISO-3166 country codes may be found for anonymous ftp from:
  
!      ftp://ftp.isi.edu/in-notes/iana/assignments/country-codes
!      ftp://ftp.ripe.net/iso3166-codes
  ]
  
     Under each TLD may be created a hierarchy of names.  Generally, under
     the generic TLDs the structure is very flat.  That is, many
     organizations are registered directly under the TLD, and any further
--- 1269,1303 ----
     letter country codes from ISO-3166.  It is extremely unlikely that
     any other TLDs will be created.
  
! -----
  
! [ Ed note:  the ISO-3166 country codes may be found for anonymous ftp
! from:
! 
! * ftp.isi.edu : /in-notes/iana/assignments/country-codes
! * ftp.ripe.net : /iso3166-codes
! 
! ]
! 
! [ Ed note: Since the Internic started charging for registration services,
! (and for other reasons) there are a number of groups that want to offer
! an alternative to registering a domain under a "standard" TLD.  More
! information on some of these options may be found at:
! 
! *      http://www.alternic.net/
! *      http://www.eu.org/
! *      http://www.ml.org/mljoin.html
! 
! You may participate in one of the discussions on iTLD proposals at
! 
! * To sign up: http://www.newdom.com/lists
! * Old postings: http://www.newdom.com/archive
! 
  ]
  
+ -----
+ 
+    ...
     Under each TLD may be created a hierarchy of names.  Generally, under
     the generic TLDs the structure is very flat.  That is, many
     organizations are registered directly under the TLD, and any further
***************
*** 1208,1250 ****
         state-wide organizations, clubs, or domain parks.  For example:
         <org-name>.GEN.<state-code>.US.
  
!    The application form for the US domain may be found for anonymous ftp 
!    from:
  
!        ftp://internic.net/templates/us-domain-template.txt
  
!    The application form for the EDU, COM, NET, ORG, and  GOV domains may be 
!    found for anonymous ftp from:
  
!        ftp://internic.net/templates/domain-template.txt
  
!  
! -------------------------------
  
! Date: Sun Nov 27 23:32:41 EST 1994
! Subject: Q3.8 - Classes of networks
  
! Q: I am just kind of curious to what exactly the differences in classes
!    of networks are (class A, B, C).  
!  
! A: An Internet Protocol (IP) address is 32 bit in length, divided into 
!    two or three parts (the network address, the subnet address (if present),
!    and the host address.  The subnet addresses are only present if the
!    network has been divided into subnetworks.  The length of the network,
!    subnet, and host field are all variable. 
! 
!    There are five different network classes.  The leftmost bits indicate 
!    the class of the network.
! 
!       # bits in  # bits in
!        network     host
! Class   field     field   Internet Protocol address in binary  Ranges
  ============================================================================
!   A       7         24    0NNNNNNN.HHHHHHHH.HHHHHHHH.HHHHHHHH    1-127.x.x.x
!   B      14         16    10NNNNNN.NNNNNNNN.HHHHHHHH.HHHHHHHH  128-191.x.x.x
!   C      22          8    110NNNNN.NNNNNNNN.NNNNNNNN.HHHHHHHH  192-223.x.x.x
!   D      NOTE 1           1110xxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx  224-239.x.x.x
!   E      NOTE 2           11110xxx.xxxxxxxx.xxxxxxxx.xxxxxxxx  240-247.x.x.x
  
     where N represents part of the network address and H represents part of 
     the host address.   When the subnet address is defined, the needed bits 
--- 1467,1510 ----
         state-wide organizations, clubs, or domain parks.  For example:
         <org-name>.GEN.<state-code>.US.
  
! The application form for the US domain may be found:
  
! * for anonymous ftp from internic.net : /templates/us-domain-template.txt
! * http://www.isi.edu/us-domain/
  
! The application form for the EDU, COM, NET, ORG, and  GOV domains may be
! found for anonymous ftp from:
  
! internic.net : /templates/domain-template.txt
  
! -----------------------------------------------------------------------------
  
! Question 4.11.  Classes of networks
  
! Date: Wed Sep  4 22:59:27 EDT 1996
! 
! The usage of 'classes of networks' (class A, B, C) are historical and have
! been replaced by CIDR blocks on the Internet.  That being said...
! 
! An Internet Protocol (IP) address is 32 bit in length, divided into  two
! or three parts (the network address, the subnet address (if present), and
! the host address.  The subnet addresses are only present if the network
! has been divided into subnetworks.  The length of the network, subnet, and
! host field are all variable.
! 
! There are five different network classes.  The leftmost bits indicate  the
! class of the network.
! 
!        # of     # of
!       bits in  bits in
!       network   host
! Class  field    field   Internet Protocol address in binary  Ranges
  ============================================================================
!   A      7       24      0NNNNNNN.HHHHHHHH.HHHHHHHH.HHHHHHHH    1-127.x.x.x
!   B     14       16      10NNNNNN.NNNNNNNN.HHHHHHHH.HHHHHHHH  128-191.x.x.x
!   C     22        8      110NNNNN.NNNNNNNN.NNNNNNNN.HHHHHHHH  192-223.x.x.x
!   D     NOTE 1           1110xxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx  224-239.x.x.x
!   E     NOTE 2           11110xxx.xxxxxxxx.xxxxxxxx.xxxxxxxx  240-247.x.x.x
  
     where N represents part of the network address and H represents part of 
     the host address.   When the subnet address is defined, the needed bits 
***************
*** 1254,1330 ****
     NOTE 2: Reserved for future use
  
     127.0.0.1 is reserved for local loopback.
-  
-    Under the current arrangements, many class A IP numbers will not be
-    assigned whereas class C usage will be at a premium.   
-  
- -------------------------------
  
  
! Date: Fri Apr 28 13:31:24 EDT 1995
! Subject: Q3.9 - What is CIDR ?
  
! Q: What is CIDR ?
  
! A: CIDR is "Classless Inter-Domain Routing (CIDR).  From RFC1517:
  
!       ...Classless Inter-Domain Routing (CIDR) attempts to deal with 
        these problems by defining a mechanism to slow the growth of 
        routing tables and reduce the need to allocate new IP network 
        numbers.  
  
!    Much more information may be obtained in RFCs 1467, 1517, 1518, 1520; 
!    with primary reference 1519
  
  
! -------------------------------
  
  
  Date: Fri Apr 28 13:31:24 EDT 1995
- Subject: Q3.10 - What is the rule for glue ?
  
! Q: What is the rule for glue ?
  
- A: A glue record is an A record for a name that appears on the right-hand 
-    side of a NS record.  So, if you have this:
   
          sub.foobar.com.        IN      NS      dns.sub.foobar.com.
          dns.sub.foobar.com.    IN      A       1.2.3.4
  
!    then the second record is a glue record (for the NS record above it).
!  
!    You need glue records when -- and only when -- you are delegating
!    authority to a nameserver that "lives" in the domain you are delegating 
!    *and* you aren't a secondary server for that domain.
! 
!    In other words, in the example above, you need to add an A record
!    for dns.sub.foobar.com since it "lives" in the domain it serves.
!    This boot strapping information is necessary:  How are you supposed
!    to find out the IP address of the nameserver for domain FOO if the
!    nameserver for FOO "lives" in FOO?
!  
!    If you have this NS record:
!  
          sub.foobar.com.         IN      NS      dns.xyz123.com.
  
!    you do NOT need a glue record, and, in fact, adding one is a very
!    bad idea.  If you add one, and then the folks at xyz123.com change
!    the address, then you will be passing out incorrect data.
!  
!    Also, unless you actually have a machine called something.IN-ADDR.ARPA, 
!    you will never have any glue records present in any of your "reverse" 
!    files.
! 
!    There is also a sort of implicit glue record that can be useful (or 
!    confusing :^) ).  If the parent server (abc.foobar.com domain in example
!    above) is a secondary server for the child, then the A record will be
!    fetched from the child server when the zone transfer is done.  The glue
!    is still there but it's a little different, it's in the ip address in 
!    the named.boot line instead of explicitly in the data.  In this case 
!    you can leave out the explicit glue A record and leave the manually 
!    configured "glue" in just the one place in the named.boot file. 
  
!    RFC 1537 says it quite nicely:
  
        2. Glue records
   
--- 1514,1589 ----
     NOTE 2: Reserved for future use
  
     127.0.0.1 is reserved for local loopback.
  
+ -----------------------------------------------------------------------------
  
! Question 4.12.  What is CIDR ?
  
! Date: Tue Nov  5 23:47:29 EST 1996
  
! CIDR is "Classless Inter-Domain Routing (CIDR).  From RFC 1517:
  
!       ...Classless Inter-Domain Routing (CIDR) attempts to deal with
        these problems by defining a mechanism to slow the growth of 
        routing tables and reduce the need to allocate new IP network 
        numbers.  
  
! Much more information may be obtained in RFCs 1467, 1517, 1518, 1520;
! with primary reference 1519.
! 
! Also please see the CIDR FAQ at
  
+ * http://www.ibm.net.il/~hank/cidr.html
+ * http://www.rain.net/faqs/cidr.faq.html
+ * http://www.lab.unisource.ch/services/internet/direct/cidr.html
  
! -----------------------------------------------------------------------------
  
+ Question 4.13.  What is the rule for glue ?
  
  Date: Fri Apr 28 13:31:24 EDT 1995
  
! A glue record is an A record for a name that appears on the right-hand
! side of a NS record.  So, if you have this:
  
   
          sub.foobar.com.        IN      NS      dns.sub.foobar.com.
          dns.sub.foobar.com.    IN      A       1.2.3.4
  
! then the second record is a glue record (for the NS record above it).
! 
! You need glue records when -- and only when -- you are delegating
! authority to a nameserver that "lives" in the domain you are delegating
! *and* you aren't a secondary server for that domain.
! 
! In other words, in the example above, you need to add an A record for
! dns.sub.foobar.com since it "lives" in the domain it serves.  This boot
! strapping information is necessary:  How are you supposed to find out the
! IP address of the nameserver for domain FOO if the nameserver for FOO
! "lives" in FOO?
! 
! If you have this NS record:
! 
          sub.foobar.com.         IN      NS      dns.xyz123.com.
  
! you do NOT need a glue record, and, in fact, adding one is a very bad
! idea.  If you add one, and then the folks at xyz123.com change the
! address, then you will be passing out incorrect data.
! 
! Also, unless you actually have a machine called something.IN-ADDR.ARPA,
! you will never have any glue records present in any of your "reverse"
! files.
! 
! There is also a sort of implicit glue record that can be useful (or
! confusing :^) ).  If the parent server (abc.foobar.com domain in example
! above) is a secondary server for the child, then the A record will be
! fetched from the child server when the zone transfer is done.  The glue is
! still there but it's a little different, it's in the ip address in  the
! named.boot line instead of explicitly in the data.  In this case  you can
! leave out the explicit glue A record and leave the manually  configured
! "glue" in just the one place in the named.boot file.
  
! RFC 1537 says it quite nicely:
  
        2. Glue records
   
***************
*** 1337,1339 ****
--- 1596,1602 ----
           Old BIND versions ("native" 4.8.3 and older versions) showed the
           problem that wrong glue records could enter secondary servers in
           a zone transfer.
+ 
+ 
+ The remainder of the FAQ is in the next part (Part 2 of 2).
+ 
diff --context --recurs m:\bind495p1/doc/misc/FAQ.2of2 m:\bind/doc/misc/FAQ.2of2
*** m:\bind495p1/doc/misc/FAQ.2of2	Mon Dec 02 21:40:19 1996
--- m:\bind/doc/misc/FAQ.2of2	Wed Dec 18 23:12:02 1996
***************
*** 1,247 ****
  Newsgroups: comp.protocols.tcp-ip.domains,comp.answers,news.answers
! Path: vixie!news1.digital.com!uunet!in1.uu.net!usc!rutgers!njitgw.njit.edu!hertz.njit.edu!cdp2582
! From: cdp@njit.edu (Chris Peckham)
! Subject: comp.protocols.tcp-ip.domains Frequently Asked Questions (FAQ) (Part 2 of 2)
! Message-ID: <cptd-faq-2-810621452@njit.edu>
! Followup-To: comp.protocols.tcp-ip.domains
! Originator: cdp2582@hertz.njit.edu
! Keywords: BIND,DOMAIN,DNS
! Sender: news@njit.edu
! Supersedes: <cptd-faq-2-807632375@njit.edu>
! Nntp-Posting-Host: hertz.njit.edu
! X-Posting-Frequency: posted on the 1st of each month
  Reply-To: domain-faq@njit.edu (comp.protocols.tcp-ip.domains FAQ comments)
  Organization: NJIT.EDU - New Jersey Institute of Technology, Newark, NJ, USA
! References: <cptd-faq-1-810621452@njit.edu> 
! Date: Sat, 9 Sep 1995 04:38:21 GMT
  Approved: news-answers-request@MIT.EDU
! Expires: Sat 14 Oct 95 00:37:32 EDT
! Lines: 1110
! Xref: vixie comp.protocols.tcp-ip.domains:6019 comp.answers:13882 news.answers:49919
  
  Posted-By: auto-faq 3.1.1.2
  Archive-name: internet/tcp-ip/domains-faq/part2
! Revision: 1.5 1995/05/12 18:50:41
  
  
! This FAQ is edited and maintained by Chris Peckham, <cdp@njit.edu>. 
! The latest version may always be found for anonymous ftp from
  
!     ftp://rtfm.mit.edu/pub/usenet/news.answers/internet/tcp-ip/domains-faq
!     ftp://ftp.njit.edu/pub/dns/Comp.protocols.tcp-ip.domains.FAQ
  
! If you can contribute any answers for items in the TODO section, please do
! so by sending e-mail to domain-faq@njit.edu !  If you know of any items that 
! are not included and you feel that they should be,  send the relevant
! information to domain-faq@njit.edu.
! 
! 
! ------------------------------
! 
! Date: Fri May 12 14:41:47 EDT 1995
! Subject: Table of Contents
! 
! Table of Contents
! =================
! Part 1
! ------
!    0. TO DO
!    1. INTRODUCTION / MISCELLANEOUS
!       1.1  What is this newsgroup ?
!       1.2  More information
!       1.3  What is BIND and where is the latest version of BIND ?
!       1.4  How can I find the route between systems ?
!       1.5  Finding the hostname if you have the tcp-ip address
!       1.6  How to register a domain name
!       1.7  Change of Domain name
!       1.8  How memory and CPU does DNS use ?
!       1.9  Other things to consider when planning your servers  
!       1.10 Proper way to get NS and reverse IP records into DNS
!       1.11 How to get my address assign from NIC?
!       1.12 Is there a block of private IP addresses I can use?
!       1.13 Cache failed lookups
!       1.14 What does an NS record really do ?
!       1.15 DNS ports
!       1.16 Obtaining the latest cache file 
!    2. UTILITIES
!       2.1  Utilities to administer DNS zone files
!       2.2  DIG - Domain Internet Groper
!       2.3  DNS packet analyzer
!       2.4  host 
!       2.5  Programming with DNS
!       2.6  A source of information relating to DNS
!    3. DEFINITIONS
!       3.1  TCP/IP Host Naming Conventions
!       3.2  Slaves and servers with forwarders
!       3.3  When is a server authoritative?
!       3.4  Underscore in host-/domain names
!       3.5  Lame delegation
!       3.6  What does opt-class field do?
!       3.7  Top level domains
!       3.8  Classes of networks
!       3.9  What is CIDR ?
!       3.10 What is the rule for glue ?
! 
! Part 2
! ------
!    4. CONFIGURATION
!       4.1  Changing a Secondary server to a Primary
!       4.2  How do I subnet a Class B Address ?
!       4.3  Subnetted domain name service
!       4.4  Recommended format/style of DNS files
!       4.5  DNS on a system not connected to the Internet
!       4.6  Multiple Domain configuration
!       4.7  wildcard MX records
!       4.8  How to identify a wildcard MX record
!       4.9  Why are fully qualified domain names recommended ?
!       4.10 Distributing load using named
!       4.11 Order of returned records
!       4.12 resolv.conf 
!       4.13 Delegating authority 
!       4.14 DNS instead of NIS on a Sun OS 4.1.x system
!    5. PROBLEMS
!       5.1  No address for root server
!       5.2  Error - No Root Nameservers for Class XX
!       5.3  Bind 4.9.x and MX querying?
!       5.4  Some root nameservers don't know localhost
!       5.5  MX records and CNAMES and separate A records for MX targets
!       5.6  NS is a CNAME
!       5.7  Nameserver forgets own A record
!       5.8  General problems (core dumps !)
!       5.9  malloc and DECstations
!    6. ACKNOWLEDGEMENTS
! 
! ------------------------------
! 
! Date: Fri Dec  2 15:31:06 EST 1994
! Subject: Q4.1 - Changing a Secondary server to a Primary
! 
! Q: Do I need to do anything special when I change a server from a secondary 
!    to a primary ?
!  
! A: For 4.8.3,  it's prudent to kill and restart following any changes to
!    named.boot.
!  
!    In BIND 4.9.3, you only have to kill and restart named if you change
!    a primary zone to a secondary or v-v, or if you delete a zone and
!    remain authoritative for its parent.  Every other case should be
!    taken care of by a HUP.  (Ed. note: 4.9.3b9 may still require you to
!    kill and restart the server due to some bugs in the HUP code).
! 
!    You will also need to update the server information on the root servers.
!    You can do this by filing a new domain registration form to inform 
!    InterNIC of the change.  They will then update the root server's SOA
!    records.  This process usually takes 10-12 business days after they
!    receive the request.
  
! -------------------------------
  
  Date: Fri Apr 28 13:34:52 EDT 1995
- Subject: Q4.2 - How do I subnet a Class B Address ?
  
! Q: I just received a Class B internet address and I am wondering where to
!    get an RFC or other information on how to properly to the TCP/IP
!    sub-netting.
!  
! A: That you need to subnet at all is something of a misconception.  You
!    can also think of a class B network as giving you 65,534 individual
!    hosts, and such a network will work. You can also configure your
!    class B as 16,384 networks of 2 hosts each.  That's obviously not
!    very practical, but it needs to be made clear that you are not
!    constrained by the size of an octet (remember that many older
!    devices would not work in a network configured in this manner).
!  
!    So, the question is: why do you need to subnet?   One reason is that
!    it is easier to manage a subnetted network, and in fact, you can
!    delegate the responsibility for address space management to local
!    administrators on the various subnets.  Also, IP based problems will
!    end up localized rather than affecting your entire network.
!    
!    If your network is a large backbone with numerous segments
!    individually branching off the backbone, that too suggests
!    subnetting.
! 
!    Subnetting can also be used to improve routing conditions.
! 
!    You may wish to partition your network to disallow certain protocols 
!    on certain segments of your net.  You can, for example, restrict IP or
!    IPX to certain segments only by adding a router routing high level 
!    protocols, and across the router you may have to subnet. 
! 
!    Finally, as far as how many subnets you need depends on the answer to
!    the above question.  As far as subnet masks are concerned, the mask
!    can be anything from 255.0.0.0 to 255.255.255.252.  You'll probably be
!    looking at 9 or 10 bits for the subnet (last octet 128 or 192
!    respectively).  RFC1219 discusses the issue of subnetting very well 
!    and leaves the network administrator with a large amount of flexibility
!    for future growth.
  
  
! ------------------------------
!  
! Date: Sun Nov 27 23:32:41 EST 1994
! Subject: Q4.3 -Subnetted domain name service
  
! Q: After doing some reading (DNS and BIND, Albitz&Liu), I don't really
!    find any examples of handling subnetted class C networks as separate
!    DNS domains.
!  
! A: This is possible, just messy.   You need to delegate down to the
!    fourth octet, so you will have one domain per IP address !  Here is
!    how you can subdelegate a in-addr.arpa address for non-byte aligned 
!    subnet masks:
! 
!    Take as an example the net 192.1.1.x, and example subnet mask 
!    255.255.255.240.
!  
!    We first define the domain for the class C net,
!  
! $origin  1.1.192.in-addr.arpa
! @       SOA   (usual stuff)
! @       ns  some.nameserver
!         ns  some.other.nameserver
! ; delegate a subdomain
! one     ns  one.nameserver
!         ns  some.nameserver
! ; delegate another
! two     ns  two.nameserver
!         ns  some.nameserver
! ; CNAME pointers to subdomain one
! 0       CNAME 0.one
! 1       CNAME 1.one
! ;    through
! 15      CNAME 15.one
! ; CNAME pointers to subdomain two
! 16      CNAME 16.two
! 17      CNAME 17.two
! 31      CNAME 31.two
! ; CNAME as many as required.
!  
!  
!    Now, in the delegated nameserver, one.nameserver
!  
! $origin one.1.1.192.in-addr.arpa
! @       SOA (usual stuff)
!         NS  one.nameserver
!         NS  some.nameserver   ;  secondary for us
! 0       PTR  onenet.one.domain
! 1       PTR  onehost.one.domain
! ;   through
! 15      PTR  lasthost.one.domain
  
!    And similar for the two.1.1.192.in-addr.arpa delegated domain.
!  
!  
! ------------------------------
  
  Date: Sun Nov 27 23:32:41 EST 1994
- Subject: Q4.4 - Recommended format/style of DNS files
  
! Q:  Are there any suggestions for how to layout DNS configuration files
!     (both forward and reverse)?
!  
! A: This answer is quoted from an article posted by Paul Vixie:
!  
     I've gone back and forth on the question of whether the BOG should
     include a section on this topic.  I know what I myself prefer, but
     I'm wary of ramming my own stylistic preferences down the throat of
--- 1,227 ----
  Newsgroups: comp.protocols.tcp-ip.domains,comp.answers,news.answers
! Path: vixie!news1.digital.com!su-news-hub1.bbnplanet.com!news.bbnplanet.com!cam-news-hub1.bbnplanet.com!news.mathworks.com!news.kei.com!uhog.mit.edu!rutgers!njitgw.njit.edu!hertz.njit.edu!cdp2582
! From: cdp2582@hertz.njit.edu (Chris Peckham)
! Subject: comp.protocols.tcp-ip.domains Frequently Asked Questions (FAQ) (Part 2 of 2)
! Message-ID: <cptd-faq-2-849940949@njit.edu>
! Followup-To: comp.protocols.tcp-ip.domains
! Originator: cdp2582@hertz.njit.edu
! Keywords: BIND,DOMAIN,DNS
! Sender: news@njit.edu
! Supersedes: <cptd-faq-2-847336183@njit.edu>
! Nntp-Posting-Host: hertz.njit.edu
! X-Posting-Frequency: posted during the first week of each month
  Reply-To: domain-faq@njit.edu (comp.protocols.tcp-ip.domains FAQ comments)
  Organization: NJIT.EDU - New Jersey Institute of Technology, Newark, NJ, USA
! References: <cptd-faq-1-849940949@njit.edu> 
! Date: Sat, 7 Dec 1996 06:42:49 GMT
  Approved: news-answers-request@MIT.EDU
! Expires: Sat 11 Jan 97 02:42:29 EDT
! Lines: 1277
! Xref: vixie comp.protocols.tcp-ip.domains:12905 comp.answers:22441 news.answers:85683
  
  Posted-By: auto-faq 3.1.1.2
  Archive-name: internet/tcp-ip/domains-faq/part2
! Revision: 1.13 1996/12/07 06:42:15
! 
! 
! (Continued from Part 1, where you'll find the introduction and 
! table of contents.)
! 
! 
! ===============================================================================
! 
! Section 5.  CONFIGURATION
! 
!  Q5.1        Changing a Secondary server to a Primary server ?
!  Q5.2        Moving a Primary server to another server
!  Q5.3        How do I subnet a Class B Address ?
!  Q5.4        Subnetted domain name service
!  Q5.5        Recommended format/style of DNS files
!  Q5.6        DNS on a system not connected to the Internet
!  Q5.7        Multiple Domain configuration
!  Q5.8        wildcard MX records
!  Q5.9        How do you identify a wildcard MX record ?
!  Q5.10       Why are fully qualified domain names recommended ?
!  Q5.11       Distributing load using named
!  Q5.12       Order of returned records
!  Q5.13       resolv.conf
!  Q5.14       How do I delegate authority for sub-domains ?
!  Q5.15       DNS instead of NIS on a Sun OS 4.1.x system
!  Q5.16       Patches to add functionality to BIND 
!  Q5.17       How to serve multiple domains from one server
! 
! -----------------------------------------------------------------------------
! 
! Question 5.1.  Changing a Secondary server to a Primary server ?
! 
! Date: Fri Jul  5 23:54:35 EDT 1996
! 
! For 4.8.3,  it's prudent to kill and restart following any changes to
! named.boot.
! 
! In BIND 4.9.3, you only have to kill and restart named if you change a
! primary zone to a secondary or v-v, or if you delete a zone and remain
! authoritative for its parent.  Every other case should be taken care of by
! a HUP.  (Ed. note: 4.9.3b9 may still require you to kill and restart the
! server due to some bugs in the HUP code).
! 
! You will also need to update the server information on the root servers.
! You can do this by filing a new domain registration form to inform
! InterNIC of the change.  They will then update the root server's SOA
! records.  This process usually takes 10-12 business days after they
! receive the request.
! 
! -----------------------------------------------------------------------------
! 
! Question 5.2.  Moving a Primary server to another server
  
+ Date: Fri Jul  5 23:54:35 EDT 1996
  
! The usual solution is to move the primary to ns.newserver.com, and have
! ns.oldserver.com be configured as a secondary server until the change  to
! the root servers takes place after the request has been made to the
! InterNIC.
  
! If you are moving to a different ISP which will change your IP's, the
! recommened setting for the SOA that would minimize problems for your name
! servers using the old settings can be done as follows:
  
! Gradually lower the TTL value in your SOA (that's the last one of the five
! numbers) to always be equal to the time left until you change over.
! (assuming that none of your resource records have individual TTL's set, if
! so, do likewise witht them.)  So, the day before, lower  to 43200 seconds
! (12 hours).  Then lower every few hours to be the time  remaining until
! the change-over.  So, an hour before the change, you may  just want to
! lower it all the way to 60 seconds or so.  That way no one  can cache
! information past the change-over.
  
! After the change, start gradually incrementing the TTL value, because
! you'll probably be making changes to work out problems.  Once everything
! stabilizes, move the TTL up to whatever your normal values are.
  
+ To minimize name servers from using the "old settings", you can do the
+ same thing with the "refresh" interval in the SOA (the second number of
+ the SOA).  That will tell the secondaries to refresh every X seconds.
+ Lower that value as you approach the changeover date.  You probably don't
+ want to go much below an hour or you'll start the primary thrashing as all
+ the secondaries perpetually refresh.
+ 
+ Also see the answer to the "How can I change the IP address of our server
+ ?" in the INTRODUCTION section.
+ 
+ -----------------------------------------------------------------------------
+ 
+ Question 5.3.  How do I subnet a Class B Address ?
+ 
  Date: Fri Apr 28 13:34:52 EDT 1995
  
! That you need to subnet at all is something of a misconception.  You can
! also think of a class B network as giving you 65,534 individual hosts, and
! such a network will work. You can also configure your class B as 16,384
! networks of 2 hosts each.  That's obviously not very practical, but it
! needs to be made clear that you are not constrained by the size of an
! octet (remember that many older devices would not work in a network
! configured in this manner).
! 
! So, the question is: why do you need to subnet?   One reason is that it is
! easier to manage a subnetted network, and in fact, you can delegate the
! responsibility for address space management to local administrators on the
! various subnets.  Also, IP based problems will end up localized rather
! than affecting your entire network.
! 
! If your network is a large backbone with numerous segments individually
! branching off the backbone, that too suggests subnetting.
! 
! Subnetting can also be used to improve routing conditions.
! 
! You may wish to partition your network to disallow certain protocols  on
! certain segments of your net.  You can, for example, restrict IP or IPX to
! certain segments only by adding a router routing high level  protocols,
! and across the router you may have to subnet.
! 
! Finally, as far as how many subnets you need depends on the answer to the
! above question.  As far as subnet masks are concerned, the mask can be
! anything from 255.0.0.0 to 255.255.255.252.  You'll probably be looking at
! 9 or 10 bits for the subnet (last octet 128 or 192 respectively).  RFC
! 1219 discusses the issue of subnetting very well  and leaves the network
! administrator with a large amount of flexibility for future growth.
! 
! -----------------------------------------------------------------------------
! 
! Question 5.4.  Subnetted domain name service
! 
! Date: Mon Aug  5 23:00:16 EDT 1996
! 
! If you are looking for some examples of handling subnetted class C
! networks as separate DNS domains, see the Internet Draft
! 
! draft-ietf-cidrd-classless-inaddr-02.txt
! 
! for more information.   This file is available for anonymous ftp at
! 
! ds.internic.net :
! /internet-drafts/draft-ietf-cidrd-classless-inaddr-02.txt
! 
! or other IETF mirror sites (ftp.is.ca.za [Africa], nic.nordu.net [Europe],
! munnari.oz.au [Pacific Rim], ds.internic.net [US East Coast], or
! ftp.isi.edu [US West Coast]).
! 
! Details follow- You need to delegate down to the fourth octet, so you will
! have one domain per IP address !  Here is how you can subdelegate a
! in-addr.arpa address for non-byte aligned subnet masks:
! 
! Take as an example the net 192.1.1.x, and example subnet mask
! 255.255.255.240.
! 
! We first define the domain for the class C net,
! 
!    $origin  1.1.192.in-addr.arpa
!    @       SOA   (usual stuff)
!    @       ns  some.nameserver
!            ns  some.other.nameserver
!    ; delegate a subdomain
!    one     ns  one.nameserver
!            ns  some.nameserver
!    ; delegate another
!    two     ns  two.nameserver
!            ns  some.nameserver
!    ; CNAME pointers to subdomain one
!    0       CNAME 0.one
!    1       CNAME 1.one
!    ;    through
!    15      CNAME 15.one
!    ; CNAME pointers to subdomain two
!    16      CNAME 16.two
!    17      CNAME 17.two
!    31      CNAME 31.two
!    ; CNAME as many as required.
! 
! Now, in the delegated nameserver, one.nameserver
! 
!    $origin one.1.1.192.in-addr.arpa
!    @       SOA (usual stuff)
!            NS  one.nameserver
!            NS  some.nameserver   ;  secondary for us
!    0       PTR  onenet.one.domain
!    1       PTR  onehost.one.domain
!    ;   through
!    15      PTR  lasthost.one.domain
! 
! And similar for the two.1.1.192.in-addr.arpa delegated domain.
  
+ There is additional documentation and a perl script that may be used for
+ this purpose available for anonymous ftp from:
  
! ftp.vix.com : /pub/bind/contrib/gencidrzone
  
! -----------------------------------------------------------------------------
  
! Question 5.5.  Recommended format/style of DNS files
  
  Date: Sun Nov 27 23:32:41 EST 1994
  
! This answer is quoted from an article posted by Paul Vixie:
! 
     I've gone back and forth on the question of whether the BOG should
     include a section on this topic.  I know what I myself prefer, but
     I'm wary of ramming my own stylistic preferences down the throat of
***************
*** 399,587 ****
     perl/tcl/awk/python tools) will help you maintain a consistent
     universe even if it's also a complex one.  Editing by hand doesn't
     have to be deadly but you MUST take care.
!  
! ------------------------------
!  
  Date: Sun Nov 27 23:32:41 EST 1994
- Subject: Q4.5 - DNS on a system not connected to the Internet
  
!  
! Q: How do I use DNS on a system that is not connected to the Internet or
!    set BIND up with an internal root server ?
!  
! A: You need to create your own root domain name server until you connect 
!    to the internet.  Your roots need to delegate to mydomain.com and any
!    in-addr.arpa subdomains you might have, and that's about it.  As
!    soon as you're connected, rip out the fake roots and use the real
!    ones.
!  
!    It does not actually have to be another server pretending to be the root.
!    You can set up the name server so that it is primary for each domain
!    above you and leave them empty (i.e. you are foo.bar.com - claim to be
!    primary for bar.com and com)
!  
! Q: What if you connect intermittently and want DNS to work when you are
!    connected, and "fail" when you are not ?
!  
! A: You can point the resolver at the name server at the remote site and
!    if the connection (SLIP/PPP) isn't up, the resolver doesn't have a
!    route to the remote server and since there's only one name server in
!    resolv.conf, the resolver quickly backs off the using /etc/hosts.
!    No problem.  You could do the same with multiple name server and a
!    resolver that did configurable /etc/hosts fallback.
!  
! ------------------------------
!  
  Date: Fri Dec  2 15:40:49 EST 1994
- Subject: Q4.6 -Multiple Domain configuration
  
!  
! Q: I have seen sites that seem to have multiple domain names pointing to the
!    same destination. I would like to implement this and have found no
!    information explaining how to do it. What I would like to do is:
!  
        ftp ftp.biff.com connects user to -> ftp.biff.com
        ftp ftp.fred.com connects user to -> ftp.biff.com
        ftp ftp.bowser.com connects user to -> ftp.biff.com
!  
! A: This is done through CNAME records:
!  
        ftp.bowser.com.         IN      CNAME ftp.biff.com.
  
!     You can also do the same thing with multiple A records.
!    
!  
! ------------------------------
!  
  Date: Sun Nov 27 23:32:41 EST 1994
- Subject: Q4.7 - wildcard MX records
  
! Q: Does BIND not understand wildcard MX records such as the following?
!  
       *.foo.com       MX      0       mail.foo.com.
-  
- A: Explicit RR's at one level of specificity will, by design, "block" a
-    wildcard at a lesser level of specificity. I suspect that you have
-    an RR (an A RR, perhaps?) for "bar.foo.com" which is blocking the
-    application of your "*.foo.com" wildcard. The initial MX query is
-    thus failing (NOERROR but an answer count of 0), and the backup
-    query finds the A RR for "bar.foo.com" and uses it to deliver the
-    mail directly (which is what you DIDN'T want it to do).  Adding an
-    explicit MX RR for the host is therefore the right way to handle
-    this situation.
-  
-    See RFC 1034, Section 4.3.3 ("Wildcards") for more information on
-    this "blocking" behavior, along with an illustrative example. See
-    also RFC 974 for an explanation of standard mailer behavior in the
-    face of an "empty" response to one's MX query.
-  
-    Basically, what it boils down to is, there is no point in trying to
-    use a wildcard MX for a host which is otherwise listed in the DNS.
-    It just doesn't work.
-  
- ------------------------------
  
! Date: Thu Dec  1 11:10:39 EST 1994
! Subject: Q4.8 - How to identify a wildcard MX record
  
  
! Q: How do you identify a wildcard MX record ?
  
! A: You don't really need to "identify" a wildcard MX RR.  The precedence 
!    for u@dom is:
!  
          exact match MX
          exact match A
          wildcard MX
-  
-    One way to implement this is to query for ("dom",IN,MX) and if the
-    answer name that comes back is "*." something, you know it's a
-    wildcard, therefore you know there is no exact match MX, and you
-    therefore query for ("dom",IN,A) and if you get something, use it.
-    if you don't, use the previous wildcard response.
-  
-    RFC 974 explains this pretty well.
-  
- ------------------------------
  
  Date: Sun Nov 27 23:32:41 EST 1994
- Subject: Q4.9 - Why are fully qualified domain names recommended ?
  
!  
! Q: Why are fully qualified domain names recommended ?
!  
! A: The documentation for BIND 4.9.2 says that the hostname should be set 
!    to the full domain style name (i.e host.our.domain rather than
!    host).  What advantages are there in this, and are there any adverse
!    consequences if we don't?
!  
! A: Paul Vixie likes to do it :-)  He lists a few reasons -
!  
!    * Sendmail can be configured to just use Dj$w rather than
!      Dj$w.mumble where "mumble" is something you have to edit in by
!      hand.  Granted, most people use "mumble" elsewhere in their config
!      files ("tack on local domain", etc) but why should it be a
!      requirement ?
!  
!    * The real reason is that not doing it violates a very useful invariant:
!  
      gethostbyname(gethostname) == gethostbyaddr(primary_interface_address)
!  
!      If you take an address and go "backwards" through the PTR's with
!      it, you'll get a FQDN, and if you push that back through the A
!      RR's, you get the same address.  Or you should.  Many multi-homed
!      hosts violate this uncaringly.
! 
!      If you take a non-FQDN hostname and push it "forwards" through the
!      A RR's, you get an address which, if you push it through the
!      PTR's, comes back as a FQDN which is not the same as the hostname
!      you started with.  Consider the fact that, absent NIS/YP, there is
!      no "domainname" command analogous to the "hostname" command.
!      (NIS/YP's doesn't count, of course, since it's
!      sometimes-but-only-rarely the same as the Internet domain or
!      subdomain above a given host's name.)  The "domain" keyword in
!      resolv.conf doesn't specify the parent domain of the current host;
!      it specifies the default domain of queries initiated on the
!      current host, which can be a very different thing.  (As of RFC
!      1535 and BIND 4.9.2's compliance with it, most people use "search"
!      in resolv.conf, which overrides "domain", anyway.)
!  
!      What this means is that there is NO authoritative way to
!      programmatically discover your host's FQDN unless it is set in the
!      hostname, or unless every application is willing to grovel the
!      "netstat -in" tables, find what it hopes is the primary address,
!      and do a PTR query on it.
!  
!      FQDN /bin/hostnames are, intuitively or not, the simplest way to go.
!  
! ------------------------------
  
  Date: Wed Mar  1 11:04:43 EST 1995
- Subject: Q4.10 - Distributing load using named
-  
- Q: If you attempt to distribute the load on a system using named, won't 
-    the first response be cached, and then later queries use the cached
-    value? (This would be for requests that come through the same
-    server.)
-  
- A: Yes.  So it can be useful to use a lower TTL on records where this is
-    important.  You can use values like 300 or 500 seconds.
  
!    If your local caching server has ROUND_ROBIN, it does not matter
!    what the authoritative servers have -- every response from the cache
!    is rotated.
! 
!    But if it doesn't, and the authoritative server site is depending on
!    this feature (or the old "shuffle-A") to do load balancing, then if
!    one doesn't use small TTLs, one could conceivably end up with a
!    really nasty situation, e.g., hundreds of workstations at a branch
!    campus pounding on the same front end at the authoritative server's
!    site during class registration.
  
!    Not nice.
  
! A: Paul Vixie has an example of the ROUND_ROBIN code in action.  Here is 
!    something that he wrote regarding his example:
  
       >I want users to be distributed evenly among those 3 hosts.
  
--- 379,552 ----
     perl/tcl/awk/python tools) will help you maintain a consistent
     universe even if it's also a complex one.  Editing by hand doesn't
     have to be deadly but you MUST take care.
! 
! -----------------------------------------------------------------------------
! 
! Question 5.6.  DNS on a system not connected to the Internet
! 
  Date: Sun Nov 27 23:32:41 EST 1994
  
! You need to create your own root domain name server until you connect  to
! the internet.  Your roots need to delegate to mydomain.com and any
! in-addr.arpa subdomains you might have, and that's about it.  As soon as
! you're connected, rip out the fake roots and use the real ones.
! 
! It does not actually have to be another server pretending to be the root.
! You can set up the name server so that it is primary for each domain above
! you and leave them empty (i.e. you are foo.bar.com - claim to be primary
! for bar.com and com)
! 
! If you connect intermittently and want DNS to work when you are connected,
! and "fail" when you are not, you can point the resolver at the name server
! at the remote site and if the connection (SLIP/PPP) isn't up, the resolver
! doesn't have a route to the remote server and since there's only one name
! server in resolv.conf, the resolver quickly backs off the using
! /etc/hosts.  No problem.  You could do the same with multiple name server
! and a resolver that did configurable /etc/hosts fallback.
! 
! -----------------------------------------------------------------------------
! 
! Question 5.7.  Multiple Domain configuration
! 
  Date: Fri Dec  2 15:40:49 EST 1994
  
! If you want to have multiple domain names pointing to the same
! destination, such as:
! 
        ftp ftp.biff.com connects user to -> ftp.biff.com
        ftp ftp.fred.com connects user to -> ftp.biff.com
        ftp ftp.bowser.com connects user to -> ftp.biff.com
! 
! You may do this by using CNAMEs:
! 
        ftp.bowser.com.         IN      CNAME ftp.biff.com.
  
! You can also do the same thing with multiple A records.
! 
! -----------------------------------------------------------------------------
! 
! Question 5.8.  wildcard MX records
! 
  Date: Sun Nov 27 23:32:41 EST 1994
  
! Does BIND not understand wildcard MX records such as the following?
! 
       *.foo.com       MX      0       mail.foo.com.
  
! No. It just doesn't work.
  
+ Explicit RR's at one level of specificity will, by design, "block" a
+ wildcard at a lesser level of specificity. I suspect that you have an RR
+ (an A RR, perhaps?) for "bar.foo.com" which is blocking the application of
+ your "*.foo.com" wildcard. The initial MX query is thus failing (NOERROR
+ but an answer count of 0), and the backup query finds the A RR for
+ "bar.foo.com" and uses it to deliver the mail directly (which is what you
+ DIDN'T want it to do).  Adding an explicit MX RR for the host is therefore
+ the right way to handle this situation.
+ 
+ See RFC 1034, Section 4.3.3 ("Wildcards") for more information on this
+ "blocking" behavior, along with an illustrative example. See also RFC 974
+ for an explanation of standard mailer behavior in the face of an "empty"
+ response to one's MX query.
  
! Basically, what it boils down to is, there is no point in trying to use a
! wildcard MX for a host which is otherwise listed in the DNS.
  
! It just doesn't work.
! 
! -----------------------------------------------------------------------------
! 
! Question 5.9.  How do you identify a wildcard MX record ?
! 
! Date: Thu Dec  1 11:10:39 EST 1994
! 
! You don't really need to "identify" a wildcard MX RR.  The precedence  for
! u@dom is:
! 
          exact match MX
          exact match A
          wildcard MX
  
+ One way to implement this is to query for ("dom",IN,MX) and if the answer
+ name that comes back is "*." something, you know it's a wildcard,
+ therefore you know there is no exact match MX, and you therefore query for
+ ("dom",IN,A) and if you get something, use it.  if you don't, use the
+ previous wildcard response.
+ 
+ RFC 974 explains this pretty well.
+ 
+ -----------------------------------------------------------------------------
+ 
+ Question 5.10.  Why are fully qualified domain names recommended ?
+ 
  Date: Sun Nov 27 23:32:41 EST 1994
  
! The documentation for BIND 4.9.2 says that the hostname should be set  to
! the full domain style name (i.e host.our.domain rather than host).  What
! advantages are there in this, and are there any adverse consequences if we
! don't?
! 
! Paul Vixie likes to do it :-)  He lists a few reasons -
! 
! * Sendmail can be configured to just use Dj$w rather than Dj$w.mumble
!   where "mumble" is something you have to edit in by hand.  Granted, most
!   people use "mumble" elsewhere in their config files ("tack on local
!   domain", etc) but why should it be a requirement ?
! * The real reason is that not doing it violates a very useful invariant:
      gethostbyname(gethostname) == gethostbyaddr(primary_interface_address)
! 
!   If you take an address and go "backwards" through the PTR's with it,
!   you'll get a FQDN, and if you push that back through the A RR's, you get
!   the same address.  Or you should.  Many multi-homed hosts violate this
!   uncaringly.
! 
!   If you take a non-FQDN hostname and push it "forwards" through the A
!   RR's, you get an address which, if you push it through the PTR's, comes
!   back as a FQDN which is not the same as the hostname you started with.
!   Consider the fact that, absent NIS/YP, there is no "domainname" command
!   analogous to the "hostname" command.  (NIS/YP's doesn't count, of
!   course, since it's sometimes-but-only-rarely the same as the Internet
!   domain or subdomain above a given host's name.)  The "domain" keyword in
!   resolv.conf doesn't specify the parent domain of the current host; it
!   specifies the default domain of queries initiated on the current host,
!   which can be a very different thing.  (As of RFC 1535 and BIND 4.9.2's
!   compliance with it, most people use "search" in resolv.conf, which
!   overrides "domain", anyway.)
! 
!   What this means is that there is NO authoritative way to
!   programmatically discover your host's FQDN unless it is set in the
!   hostname, or unless every application is willing to grovel the "netstat
!   -in" tables, find what it hopes is the primary address, and do a PTR
!   query on it.
  
+   FQDN /bin/hostnames are, intuitively or not, the simplest way to go.
+ 
+ -----------------------------------------------------------------------------
+ 
+ Question 5.11.  Distributing load using named
+ 
  Date: Wed Mar  1 11:04:43 EST 1995
  
! When you attempt to distribute the load on a system using named, the first
! response be cached, and then later queries use the cached value (This
! would be for requests that come through the same server).  Therefore, it
! can be useful to use a lower TTL on records where this is important.  You
! can use values like 300 or 500 seconds.
! 
! If your local caching server has ROUND_ROBIN, it does not matter what the
! authoritative servers have -- every response from the cache is rotated.
! 
! But if it doesn't, and the authoritative server site is depending on this
! feature (or the old "shuffle-A") to do load balancing, then if one doesn't
! use small TTLs, one could conceivably end up with a really nasty
! situation, e.g., hundreds of workstations at a branch campus pounding on
! the same front end at the authoritative server's site during class
! registration.
  
! Not nice.
  
! Paul Vixie has an example of the ROUND_ROBIN code in action.  Here is
! something that he wrote regarding his example:
  
       >I want users to be distributed evenly among those 3 hosts.
  
***************
*** 613,658 ****
        addresses you probably don't care and would just use a pile of
        CNAME's pointing directly at real host names.
  
!       {hydra.ugly.vix.com}
        name: hydra2.ugly.vix.com
        aliases: hydra.ugly.vix.com
        addresses: 10.2.0.2 10.2.0.3 10.2.0.1
  
!       {hydra.ugly.vix.com}
        name: hydra3.ugly.vix.com
        aliases: hydra.ugly.vix.com
        addresses: 10.3.0.2 10.3.0.3 10.3.0.1
  
!       {hydra.ugly.vix.com}
        name: hydra1.ugly.vix.com
        aliases: hydra.ugly.vix.com
        addresses: 10.1.0.2 10.1.0.3 10.1.0.1
  
!       {hydra.ugly.vix.com}
        name: hydra2.ugly.vix.com
        aliases: hydra.ugly.vix.com
        addresses: 10.2.0.3 10.2.0.1 10.2.0.2
  
!       {hydra.ugly.vix.com}
        name: hydra3.ugly.vix.com
        aliases: hydra.ugly.vix.com
        addresses: 10.3.0.3 10.3.0.1 10.3.0.2
  
!  
! ------------------------------
!  
! Date: Sun Dec  4 22:12:32 EST 1994
! Subject: Q4.11 - Order of returned records
  
! Q: Is there any way to tell named to return records, specifically
!    address records, in the order in which they are listed in the
!    database?
  
!    It would appear that named consistently applies a sorting algorithm
!    to address records which seems to be virtually guaranteed to be
!    pessimal for our routers, which have many A records.
  
- A: Sorting, is the *resolver's* responsibility.  RFC 1123:
  
           6.1.3.4  Multihomed Hosts
  
--- 578,614 ----
        addresses you probably don't care and would just use a pile of
        CNAME's pointing directly at real host names.
  
!       {hydra.ugly.vix.com
        name: hydra2.ugly.vix.com
        aliases: hydra.ugly.vix.com
        addresses: 10.2.0.2 10.2.0.3 10.2.0.1
  
!       {hydra.ugly.vix.com
        name: hydra3.ugly.vix.com
        aliases: hydra.ugly.vix.com
        addresses: 10.3.0.2 10.3.0.3 10.3.0.1
  
!       {hydra.ugly.vix.com
        name: hydra1.ugly.vix.com
        aliases: hydra.ugly.vix.com
        addresses: 10.1.0.2 10.1.0.3 10.1.0.1
  
!       {hydra.ugly.vix.com
        name: hydra2.ugly.vix.com
        aliases: hydra.ugly.vix.com
        addresses: 10.2.0.3 10.2.0.1 10.2.0.2
  
!       {hydra.ugly.vix.com
        name: hydra3.ugly.vix.com
        aliases: hydra.ugly.vix.com
        addresses: 10.3.0.3 10.3.0.1 10.3.0.2
  
! -----------------------------------------------------------------------------
  
! Question 5.12.  Order of returned records
  
! Sorting, is the *resolver's* responsibility.  RFC 1123:
  
  
           6.1.3.4  Multihomed Hosts
  
***************
*** 672,690 ****
                   configuration information set by the system
                   administrator.
  
!    In BIND 4.9.x's resolver code, the "sortlist" directive in resolv.conf 
!    can be used to configure this.
  
! ------------------------------
  
! Date: Fri Feb 10 15:46:17 EST 1995
! Subject: Q4.12 - resolv.conf
  
  
! Q: Why should I use "real" IP addresses in /etc/resolv.conf and not 0.0.0.0 
!    or 127.0.0.1.
  
! A: Paul Vixie writes on the issue of the contents of resolv.conf:
  
     It's historical.  Some kernels can't unbind a UDP socket's source
     address, and some resolver versions (notably not including BIND
--- 628,646 ----
                   configuration information set by the system
                   administrator.
  
! In BIND 4.9.x's resolver code, the "sortlist" directive in resolv.conf
! can be used to configure this.
  
! -----------------------------------------------------------------------------
  
! Question 5.13.  resolv.conf
  
+ Date: Fri Feb 10 15:46:17 EST 1995
  
! The question was asked one time, "Why should I use 'real' IP addresses in
! /etc/resolv.conf and not 0.0.0.0 or 127.0.0.1" ?
  
! Paul Vixie writes on the issue of the contents of resolv.conf:
  
     It's historical.  Some kernels can't unbind a UDP socket's source
     address, and some resolver versions (notably not including BIND
***************
*** 714,754 ****
     otherwise share identical copies of your resolv.conf on all the
     systems on any given subnet, not all of which will be servers.
  
! A: The problem was with older versions of the resolver (4.8.X).  If you
!    listed 127.0.0.1 as the first entry in resolv.conf, and for whatever
!    reason the local name server wasn't running and the resolver fell
!    back to the second name server listed, it would send queries to the
!    name server with the source IP address set to 127.0.0.1 (as it was
!    set when the resolver was trying to send to 127.0.0.1--you use the
!    loopback address to send to the loopback address).
! 
! ------------------------------
! 
! Date: Mon Jan  2 13:50:13 EST 1995
! Subject: Q4.13 - Delegating authority 
! 
! Q: How do I delegate authority for domains within my domain ?
! 
! A: When you start having a very big domain that can be broken into logical 
!    and separate entities that can look after their own DNS information,
!    you will probably want to do this.  Maintain a central area for the
!    things that everyone needs to see and delegate the authority for the
!    other parts of the organization so that they can manage themselves.
!     
!    Another essential piece of information is that every domain that
!    exists must have it NS records associated with it.  These NS records
!    denote the name servers that are queried for information about that
!    zone.  For your zone to be recognized by the outside world, the
!    server responsible for the zone above you must have created a NS
!    record for your machine in your domain.  For example, putting the
!    computer club onto the network and giving them control over their
!    own part of the domain space we have the following.
!    
!    The machine authorative for gu.uwa.edu.au is mackerel and the machine
!    authorative for ucc.gu.uwa.edu.au is marlin.
!     
!    in mackerel's data for gu.uwa.edu.au we have the following
!     
     @               IN      SOA ...
                     IN      A       130.95.100.3
                     IN      MX      mackerel.gu.uwa.edu.au.
--- 670,709 ----
     otherwise share identical copies of your resolv.conf on all the
     systems on any given subnet, not all of which will be servers.
  
! The problem was with older versions of the resolver (4.8.X).  If you
! listed 127.0.0.1 as the first entry in resolv.conf, and for whatever
! reason the local name server wasn't running and the resolver fell back to
! the second name server listed, it would send queries to the name server
! with the source IP address set to 127.0.0.1 (as it was set when the
! resolver was trying to send to 127.0.0.1--you use the loopback address to
! send to the loopback address).
! 
! -----------------------------------------------------------------------------
! 
! Question 5.14.  How do I delegate authority for sub-domains ?
! 
! Date: Sat Dec  7 02:04:17 EST 1996
! 
! When you start having a very big domain that can be broken into logical
! and separate entities that can look after their own DNS information, you
! will probably want to do this.  Maintain a central area for the things
! that everyone needs to see and delegate the authority for the other parts
! of the organization so that they can manage themselves.
! 
! Another essential piece of information is that every domain that exists
! must have it NS records associated with it.  These NS records denote the
! name servers that are queried for information about that zone.  For your
! zone to be recognized by the outside world, the server responsible for the
! zone above you must have created a NS record for your your new servers
! (NOTE that the new servers DO NOT  have to be in the new domain).  For
! example, putting the computer club onto the network and giving them
! control over their own part  of the domain space we have the following.
! 
! The machine authorative for gu.uwa.edu.au is mackerel and the machine
! authorative for ucc.gu.uwa.edu.au is marlin.
! 
! in mackerel's data for gu.uwa.edu.au we have the following
! 
     @               IN      SOA ...
                     IN      A       130.95.100.3
                     IN      MX      mackerel.gu.uwa.edu.au.
***************
*** 759,799 ****
     ucc             IN      NS      marlin.gu.uwa.edu.au.
                     IN      NS      mackerel.gu.uwa.edu.au.
  
!    Marlin is also given an IP in our domain as a convenience.  If they
!    blow up their name serving there is less that can go wrong because
!    people can still see that machine which is a start.  You could place
!    "marlin.ucc" in the first column and leave the machine totally
!    inside the ucc domain as well.
!  
!    The second NS line is because mackerel will be acting as secondary name
!    server for the ucc.gu domain.  Do not include this line if you are not
!    authorative for the information included in the sub-domain.
  
  
! ------------------------------
  
! Date: Wed Mar  1 11:45:00 EST 1995
! Subject: Q4.14 - DNS instead of NIS on a Sun OS 4.1.x system
  
! Q: I would appreciate any comments on whether running bind 4.9.x will 
!    enable sendmail, ftp, telnet and other TCP/IP services to bypass
!    NIS and connect directly to named.
!  
! A: How to do this is documented quite well in the comp.sys.sun.admin FAQ in
!    questions one and two.  You can get them from:
  
!       ftp://thor.ece.uc.edu/pub/sun-faq/FAQs/sun-faq.general 
!       http://www.cis.ohio-state.edu/hypertext/faq/usenet/comp-sys-sun-faq
  
!    as well as from rtfm.mit.edu in the usual place, etc.
!  
  
! ------------------------------
  
  Date: Mon Jan  2 13:49:43 EST 1995
- Subject: Q5.1 - No address for root server
  
-  
  Q: I've been getting the following messages lately from bind-4.9.2..
          ns_req: no address for root server
   
--- 714,831 ----
     ucc             IN      NS      marlin.gu.uwa.edu.au.
                     IN      NS      mackerel.gu.uwa.edu.au.
  
! Marlin is also given an IP in our domain as a convenience.  If they blow
! up their name serving there is less that can go wrong because people can
! still see that machine which is a start.  You could place "marlin.ucc" in
! the first column and leave the machine totally inside the ucc domain as
! well.
  
+ The second NS line is because mackerel will be acting as secondary name
+ server for the ucc.gu domain.  Do not include this line if you are not
+ authorative for the information included in the sub-domain.
  
! -----------------------------------------------------------------------------
  
! Question 5.15.  DNS instead of NIS on a Sun OS 4.1.x system
  
! Date: Sat Dec  7 01:14:17 EST 1996
  
! Comments relating to running bind 4.9.x on a Sun OS 4.1.x system and the
! effect on sendmail, ftp, telnet and other TCP/IP services bypassing NIS
! and directly using named is documented quite well in the
! comp.sys.sun.admin FAQ in questions one and two.  You can get them from:
  
! * ftp.ece.uc.edu : /pub/sun-faq/FAQs/sun-faq.general
! * http://www.cis.ohio-state.edu/hypertext/faq/usenet/comp-sys-sun-faq
! 
! as well as from rtfm.mit.edu in the usual place, etc.
! 
! -----------------------------------------------------------------------------
! 
! Question 5.16.  Patches to add functionality to BIND
! 
! Date: Tue Nov  5 23:53:47 EST 1996
! 
! There are others, but these are listed here:
! 
! * When using the round robin DNS and assigning 3 IPs to a host (for
!   example), a process to guarantee that all 3 IPs are reachable may be
!   found  at
!   http://www-leland.stanford.edu/~schemers/docs/lbnamed/lbnamed.html
! 
! * Patches for 4.9.3-REL that will support the IPv6 AAAA record format may
!   be  found at ftp.inria.fr : /network/ipv6/
! 
! * A patch for 4.9.3-REL that will allow you to turn off forwarding of
!   information from my server may be found at ftp.vix.com :
!   /pub/bind/release/4.9.3/contrib/noforward.tar.gz
! 
! * How do I tell a server to listen to a particular interface to listen and
!   respond to DNS queries on ?
! 
!   Mark Andrews has a patch that will tell a 4.9.4 server to listen to a
!   particular interface and respond to DNS queries.  It may be found at an
!   unofficial location: http://www.ultra.net/~jzp/andrews.patch.txt
! 
! -----------------------------------------------------------------------------
! 
! Question 5.17.  How to serve multiple domains from one server
! 
! Date: Tue Nov  5 23:44:02 EST 1996
! 
! Most name server implementations allow information about multiple domains
! to be kept on one server, and questions about those domains  to be
! answered by that one server.  For instance, there are many large  servers
! on the Internet that each serve information about more than  1000
! different domains.
! 
! To be completely accurate, a server contains information about zones,
! which are parts of domains that are kept as a single unit.  [Ed note: for
! a definition of zones and domains, see Section 2: The Name Service in the
! "Name Server Operations Guide" included with the BIND 4.9.5 distribution.]
  
! In the configuration of the name server, the additional zones need to be
! specified.  An important consideration is whether a particular server is
! primary or secondary for any specific zone--a secondary server maintains
! only a copy of the zone, periodically refreshing its copy from another,
! specified, server.  In BIND, to set up a server as a secondary server for
! the x.y.z zone, to the configuration file /etc/named.boot add the line
  
+       secondary   x.y.z   10.0.0.1        db.x.y.z
+ 
+ where 10.0.0.1 is the IP address of the server that the zone will be
+ copied from, and db.x.y.z is a local filename that will contain the copy
+ of the zone.
+ 
+ If this is a question related to how to set up multiple IP numbers on one
+ system, which you do not need to do to act as a domain server for
+ multiple domains, see
+ 
+ http://www.thesphere.com/%7Edlp/TwoServers/.
+ 
+ ===============================================================================
+ 
+ Section 6.  PROBLEMS
+ 
+  Q6.1        No address for root server
+  Q6.2        Error - No Root Nameservers for Class XX
+  Q6.3        Bind 4.9.x and MX querying?
+  Q6.4        Do I need to define an A record for localhost ?
+  Q6.5        MX records, CNAMES and A records for MX targets
+  Q6.6        Can an NS record point to a CNAME ?
+  Q6.7        Nameserver forgets own A record
+  Q6.8        General problems (core dumps !)
+  Q6.9        malloc and DECstations
+  Q6.10       Can't resolve names without a "."
+  Q6.11       Err/TO errors being reported
+  Q6.12       Why does swapping kill BIND ?
+ 
+ -----------------------------------------------------------------------------
+ 
+ Question 6.1.  No address for root server
+ 
  Date: Mon Jan  2 13:49:43 EST 1995
  
  Q: I've been getting the following messages lately from bind-4.9.2..
          ns_req: no address for root server
   
***************
*** 803,830 ****
          .               99999999    IN  NS  POBOX.FOOBAR.COM.
                          99999999    IN  NS  FOOHOST.FOOBAR.COM.
          foobar.com.     99999999    IN  NS  pobox.foobar.com.
!  
! A:  You can't do that.  Your nameserver contacts POBOX.FOOBAR.COM, gets the
!     correct list of root servers from it, then tries again and fails
!     because of your firewall.
!  
!     You will need a 'forwarder' definition, to ensure that all requests
!     are forwarded to a host which can penetrate the firewall.  And
!     it is unwise to put phony data into 'named.cache'.
!  
! ------------------------------
  
  Date: Sun Nov 27 23:32:41 EST 1994
- Subject: Q5.2 - Error - No Root Nameservers for Class XX
  
  Q: I've received errors before about "No root nameservers for class XX"
     but they've been because of network connectivity problems.
     I believe that Class 1 is Internet Class data.
     And I think I heard someone say that Class 4 is Hesiod??
     Does anyone know what the various Class numbers are?
  
- A:  From RFC 1700:
- 
         DOMAIN NAME SYSTEM PARAMETERS
         The Internet Domain Naming System (DOMAIN) includes several
         parameters.  These are documented in [RFC1034] and [RFC1035].  The
--- 835,861 ----
          .               99999999    IN  NS  POBOX.FOOBAR.COM.
                          99999999    IN  NS  FOOHOST.FOOBAR.COM.
          foobar.com.     99999999    IN  NS  pobox.foobar.com.
! You can't do that.  Your nameserver contacts POBOX.FOOBAR.COM, gets the
! correct list of root servers from it, then tries again and fails because
! of your firewall.
! 
! You will need a 'forwarder' definition, to ensure that all requests are
! forwarded to a host which can penetrate the firewall.  And it is unwise to
! put phony data into 'named.cache'.
! 
! -----------------------------------------------------------------------------
! 
! Question 6.2.  Error - No Root Nameservers for Class XX
  
  Date: Sun Nov 27 23:32:41 EST 1994
  
  Q: I've received errors before about "No root nameservers for class XX"
     but they've been because of network connectivity problems.
     I believe that Class 1 is Internet Class data.
     And I think I heard someone say that Class 4 is Hesiod??
     Does anyone know what the various Class numbers are?
+ From RFC 1700:
  
         DOMAIN NAME SYSTEM PARAMETERS
         The Internet Domain Naming System (DOMAIN) includes several
         parameters.  These are documented in [RFC1034] and [RFC1035].  The
***************
*** 844,887 ****
            65535  Reserved                                           [PM1]
  
  DNS information for RFC 1700 was taken from
  
!         ftp://ftp.isi.edu/in-notes/iana/assignments/dns-parameters
  
!    Hesiod is class 4, and there are no official root nameservers for class 
!    4, so you can safely declare yourself one if you like.  You might want 
!    to put up a packet filter so that no one outside your network is capable 
!    of making Hesiod queries of your machines, if you define yourself to be 
!    a root nameserver for class 4.
  
! ------------------------------
!  
  Date: Sun Nov 27 23:32:41 EST 1994
- Subject: Q5.3 - Bind 4.9.x and MX querying?
  
!  
! Q: If I query a 4.9.x DNS server for MX records, a list of the MX records 
!    as well as a list of the authorative nameservers is returned.  Why ?
!  
! A: Bind 4.9.2 returns the list of nameserver that are authorative
!    for a domain in the response packet, along with their IP
!    addresses in the additional section.
!  
! ------------------------------
  
  Date: Sat Sep  9 00:36:01 EDT 1995
- Subject: Q5.4 - Some root nameservers don't know localhost
  
! Q: Do I need to define an A record for localhost ?
  
-    Where is the A record for 127.0.0.1 defined?  I see where
-    the PTR record is defined pointing to localhost, but can't find
-    where the A record is.  And is the A record supposed to be
-    localhost.MY_DOMAIN or just localhost ?
- 
- A: Somewhere deep in the BOG (BIND Operations Guide) that came with
-    4.9.3 (section 5.4.3), it says that you define this yourself 
-    (if need be) in the same zone files as your "real" IP addresses 
-    for your domain.  Quoting the BOG:
  
                                   ... As  implied by this PTR
           record, there should be a  ``localhost.my.dom.ain''
--- 875,911 ----
            65535  Reserved                                           [PM1]
  
  DNS information for RFC 1700 was taken from
+ ftp.isi.edu : /in-notes/iana/assignments/dns-parameters
  
! Hesiod is class 4, and there are no official root nameservers for class 4,
! so you can safely declare yourself one if you like.  You might want  to
! put up a packet filter so that no one outside your network is capable  of
! making Hesiod queries of your machines, if you define yourself to be  a
! root nameserver for class 4.
  
! -----------------------------------------------------------------------------
  
! Question 6.3.  Bind 4.9.x and MX querying?
! 
  Date: Sun Nov 27 23:32:41 EST 1994
  
! If you query a 4.9.x DNS server for MX records, a list of the MX records
! as well as a list of the authorative nameservers is returned.  This
! happens because bind 4.9.2 returns the list of nameserver that are
! authorative for a domain in the response packet, along with their IP
! addresses in the additional section.
! 
! -----------------------------------------------------------------------------
! 
! Question 6.4.  Do I need to define an A record for localhost ?
  
  Date: Sat Sep  9 00:36:01 EDT 1995
  
! Somewhere deep in the BOG (BIND Operations Guide) that came with 4.9.3
! (section 5.4.3), it says that you define this yourself  (if need be) in
! the same zone files as your "real" IP addresses  for your domain.  Quoting
! the BOG:
  
  
                                   ... As  implied by this PTR
           record, there should be a  ``localhost.my.dom.ain''
***************
*** 890,946 ****
           trailing dot when 1.0.0.127.in-addr.arpa is queried
           for;...
  
!    The sample files in the BIND distribution show you what needs to be
!    done (see the BOG).
  
!    Some HP boxen (especially those running HP OpenView) will also need
!    "loopback" defined with this IP address.   You may set it as a CNAME 
!    record pointing to the "localhost." record.
  
! ------------------------------
!  
  Date: Sun Nov 27 23:32:41 EST 1994
- Subject: Q5.5 - MX records and CNAMES and separate A records for MX targets
  
! Q: The O'Reilly "DNS and Bind" book warns against using non-canonical
!    names in MX records, however, this warning is given in the context
!    of mail hubs that MX to each other for backup purposes.  I don't see
!    how this applies to mail spokes.  RFC 974 has a similar warning, but
!    I can not see where it specifically prohibits using an alias in an
!    MX record.
!  
! A: Without the restrictions in the RFC, a MTA must request the A records 
!    for every MX listed to determine if it is in the MX list then reduce
!    the list. This introduces many more lookups than would other wise be
!    required. If you are behind a 1200 bps link YOU DON'T WANT TO DO
!    THIS. The addresses associated with CNAMES are not passed as
!    additional data so you will force additional traffic to result even
!    if you are running a caching server locally.
!  
!    There is also the problem of how does the MTA find all of it's
!    IP addresses. This is not straight forward. You have to be able
!    to do this is you allow CNAMEs (or extra A's) as MX targets.
!  
!    The letter of the law is that an MX record should point to an A record.
!        
!    There is no "real" reason to use CNAMEs for MX targets or separate
!    As for nameservers any more. CNAMEs for services other than mail
!    should be used because there is no specified method for locating the
!    desired server yet.
!  
!    People don't care what the names of MX targets are.  They're
!    invisible to the process anyway.  If you have mail for "mary"
!    redirected to "sue" is totally irrelevant.  Having CNAMEs as the
!    targets of MX's just needlessly complicates things, and is more work
!    for the resolver.
!  
!    Having separate A's for nameservers like "ns.your.domain" is
!    pointless too, since again nobody cares what the name of your
!    nameserver is, since that too is invisible to the process.  If you
!    move your nameserver from "mary.your.domain" to "sue.your.domain"
!    nobody need care except you and your parent domain administrator
!    (and the InterNIC).  Even less so for mail servers, since only you
!    are affected.
  
  Q: Given the example - 
  
--- 914,967 ----
           trailing dot when 1.0.0.127.in-addr.arpa is queried
           for;...
  
! The sample files in the BIND distribution show you what needs to be done
! (see the BOG).
  
! Some HP boxen (especially those running HP OpenView) will also need
! "loopback" defined with this IP address.   You may set it as a CNAME
! record pointing to the "localhost." record.
  
! -----------------------------------------------------------------------------
! 
! Question 6.5.  MX records, CNAMES and A records for MX targets
! 
  Date: Sun Nov 27 23:32:41 EST 1994
  
! The O'Reilly "DNS and Bind" book warns against using non-canonical names
! in MX records, however, this warning is given in the context of mail hubs
! that MX to each other for backup purposes.  How does this apply to mail
! spokes.  RFC 974 has a similar warning, but where is it specifically
! prohibited to us an alias in an MX record ?
! 
! Without the restrictions in the RFC, a MTA must request the A records  for
! every MX listed to determine if it is in the MX list then reduce the list.
! This introduces many more lookups than would other wise be required. If
! you are behind a 1200 bps link YOU DON'T WANT TO DO THIS. The addresses
! associated with CNAMES are not passed as additional data so you will force
! additional traffic to result even if you are running a caching server
! locally.
! 
! There is also the problem of how does the MTA find all of it's IP
! addresses. This is not straight forward. You have to be able to do this is
! you allow CNAMEs (or extra A's) as MX targets.
! 
! The letter of the law is that an MX record should point to an A record.
! 
! There is no "real" reason to use CNAMEs for MX targets or separate As for
! nameservers any more. CNAMEs for services other than mail should be used
! because there is no specified method for locating the desired server yet.
! 
! People don't care what the names of MX targets are.  They're invisible to
! the process anyway.  If you have mail for "mary" redirected to "sue" is
! totally irrelevant.  Having CNAMEs as the targets of MX's just needlessly
! complicates things, and is more work for the resolver.
! 
! Having separate A's for nameservers like "ns.your.domain" is pointless
! too, since again nobody cares what the name of your nameserver is, since
! that too is invisible to the process.  If you move your nameserver from
! "mary.your.domain" to "sue.your.domain" nobody need care except you and
! your parent domain administrator (and the InterNIC).  Even less so for
! mail servers, since only you are affected.
  
  Q: Given the example - 
  
***************
*** 968,974 ****
  
     Here's the relevant BOG snippet:
  
!          aliases    {ttl}   addr-class   CNAME   Canonical name
           ucbmonet           IN           CNAME   monet
  
           The  Canonical  Name resource record, CNAME, speci-
--- 989,995 ----
  
     Here's the relevant BOG snippet:
  
!          aliases    {ttl   addr-class   CNAME   Canonical name
           ucbmonet           IN           CNAME   monet
  
           The  Canonical  Name resource record, CNAME, speci-
***************
*** 981,992 ****
           their value (e.g., NS or MX) must list the  canoni-
           cal name, not the nickname.
  
! ------------------------------
!  
  Date: Wed Mar  1 11:14:10 EST 1995
! Subject: Q5.6 - NS is a CNAME
  
- Q: Can I do this ?  Is it legal ?
  
     @                       SOA     (.........)
                             NS      ns.host.this.domain.
--- 1002,1015 ----
           their value (e.g., NS or MX) must list the  canoni-
           cal name, not the nickname.
  
! -----------------------------------------------------------------------------
! 
! Question 6.6.  Can an NS record point to a CNAME ?
! 
  Date: Wed Mar  1 11:14:10 EST 1995
! 
! Can I do this ?  Is it legal ?
  
  
     @                       SOA     (.........)
                             NS      ns.host.this.domain.
***************
*** 994,1036 ****
     ns                      CNAME   third
     third           IN      A       xxx.xxx.xxx.xxx
  
! 
! A: No.  Only one RR type is allowed to refer, in its data field, to a
!    CNAME, and that's CNAME itself.  So CNAMEs can refer to CNAMEs but 
!    NSs and MXs cannot.
! 
!    BIND 4.9.3 (Beta11 and later) explicitly syslogs this case rather than 
!    simply failing as pre-4.9 servers did.  Here's a current example:
! 
!     Dec  7 00:52:18 gw named[17561]: \
!                    "foobar.com IN NS" points to a CNAME (foobar.foobar.com)
! 
!    Here is the reason why:
! 
!       Nameservers are not required to include CNAME records in the
!       Additional Info section returned after a query.  It's partly an
!       implementation decision and partly a part of the spec.  The
!       algorithm described in RFC 1034 (pp24,25; info also in RFC 1035,
!       section 3.3.11, p 18) says 'Put whatever addresses are available
!       into the additional section, using glue RRs [if necessary]'.
!       Since NS records are speced to contain only primary names of
!       hosts, not CNAMEs, then there's no reason for algorithm to
!       mention them. If, on the other hand, it's decided to allow CNAMEs
!       in NS records (and indeed in other records) then there's no
!       reason that CNAME records might not be included along with A
!       records.  The Additional Info section is intended for any
!       information that might be useful but which isn't strictly the
!       answer to the DNS query processed.  It's an implementation
!       decision in as much as some servers used to follow CNAMEs in 
!       NS references.
  
  
! ------------------------------
  
  Date: Fri Dec  2 16:17:31 EST 1994
- Subject: Q5.7 - Nameserver forgets own A record
  
-  
  Q: Lately, I've been having trouble with named 4.9.2 and 4.9.3.  
     Periodically, the nameserver will seem to "forget" its own A record,
     although the other information stays intact.  One theory I had was
--- 1017,1055 ----
     ns                      CNAME   third
     third           IN      A       xxx.xxx.xxx.xxx
  
! No.  Only one RR type is allowed to refer, in its data field, to a CNAME,
! and that's CNAME itself.  So CNAMEs can refer to CNAMEs but  NSs and MXs
! cannot.
! 
! BIND 4.9.3 (Beta11 and later) explicitly syslogs this case rather than
! simply failing as pre-4.9 servers did.  Here's a current example:
! 
!       Dec  7 00:52:18 gw named[17561]: "foobar.com IN NS" \
!              points to a CNAME (foobar.foobar.com)
! 
! Here is the reason why:
! 
! Nameservers are not required to include CNAME records in the Additional
! Info section returned after a query.  It's partly an implementation
! decision and partly a part of the spec.  The algorithm described in RFC
! 1034 (pp24,25; info also in RFC 1035, section 3.3.11, p 18) says 'Put
! whatever addresses are available into the additional section, using glue
! RRs [if necessary]'.  Since NS records are speced to contain only primary
! names of hosts, not CNAMEs, then there's no reason for algorithm to
! mention them. If, on the other hand, it's decided to allow CNAMEs in NS
! records (and indeed in other records) then there's no reason that CNAME
! records might not be included along with A records.  The Additional Info
! section is intended for any information that might be useful but which
! isn't strictly the answer to the DNS query processed.  It's an
! implementation decision in as much as some servers used to follow CNAMEs
! in  NS references.
  
+ -----------------------------------------------------------------------------
  
! Question 6.7.  Nameserver forgets own A record
  
  Date: Fri Dec  2 16:17:31 EST 1994
  
  Q: Lately, I've been having trouble with named 4.9.2 and 4.9.3.  
     Periodically, the nameserver will seem to "forget" its own A record,
     although the other information stays intact.  One theory I had was
***************
*** 1044,1060 ****
     You get "ignoreds" because the primaries for the relevant zones are
     running old versions of BIND which pass out more glue than is
     required. named-xfer trims off this extra glue.
-  
- ------------------------------
  
! Date: Sun Dec  4 22:21:22 EST 1994
! Subject: Q5.8 - General problems (core dumps !)
  
! Q: I am running bind 4.9.3b9p1 on a DEC alpha OSF/1 V3.0 and have had it 
!    core dump while in debug mode.  The last lines printed to named.run 
!    were [...]
  
! A: Paul Vixie says:
  
     I'm always interested in hearing about cases where BIND dumps core.
     However, I need a stack trace.   Compile with -g and not -O (unless
--- 1063,1076 ----
     You get "ignoreds" because the primaries for the relevant zones are
     running old versions of BIND which pass out more glue than is
     required. named-xfer trims off this extra glue.
  
! -----------------------------------------------------------------------------
! 
! Question 6.8.  General problems (core dumps !)
  
! Date: Sun Dec  4 22:21:22 EST 1994
  
! Paul Vixie says:
  
     I'm always interested in hearing about cases where BIND dumps core.
     However, I need a stack trace.   Compile with -g and not -O (unless
***************
*** 1067,1131 ****
     dump for a day or so in case I have questions you can answer via
     gdb/dbx.
  
! ------------------------------
  
  Date: Mon Jan  2 14:19:22 EST 1995
- Subject: Q5.9 - malloc and DECstations
  
! We have replaced malloc on our DECstations with a malloc that is more 
! compact in memory usage, and this helped the operation of bind a lot.
! The source is now available for anonymous ftp from
! 
!    ftp://ftp.cs.wisc.edu/pub/misc/malloc.tar.gz
!  
! 
! ------------------------------
! 
! Date: Fri Apr 28 13:56:32 EDT 1995
! Subject: Q6 - Acknowledgements
! 
! Listed in e-mail address alphabetical order, the following people have 
! contributed to this FAQ:
! 
! Benoit.Grange@inria.fr (Benoit.Grange)
! D.T.Shield@csc.liv.ac.uk (Dave Shield)
! adam@comptech.demon.co.uk (Adam Goodfellow)
! andras@is.co.za (Andras Salamon)
! barmar@nic.near.net (Barry Margolin)
! barr@pop.psu.edu (David Barr)
! bj@herbison.com (B.J. Herbison)
! bje@cbr.fidonet.org (Ben Elliston)
! brad@birch.ims.disa.mil (Brad Knowles)
! ckd@kei.com (Christopher Davis)
! cdp@hertz.njit.edu (Chris Peckham)
! cricket@hp.com (Cricket Liu)
! cudep@csv.warwick.ac.uk (Ian 'Vato' Dickinson [ID17])
! dparter@cs.wisc.edu (David Parter)
! e07@nikhef.nl (Eric Wassenaar)
! fwp@CC.MsState.Edu (Frank Peters)
! gah@cco.caltech.edu (Glen A. Herrmannsfeldt) 
! glenn@popco.com (Glenn Fleishman)
! harvey@indyvax.iupui.edu (James Harvey)
! hubert@cac.washington.edu (Steve Hubert)
! jmalcolm@uunet.uu.net (Joseph Malcolm)
! jhawk@panix.com (John Hawkinson)
! kevin@cfc.com (Kevin Darcy)
! lamont@abstractsoft.com (Sean T. Lamont)
! lavondes@tidtest.total.fr (Michel Lavondes)
! mark@ucsalf.ac.uk (Mark Powell)
! marka@syd.dms.CSIRO.AU (Mark Andrews)
! mathias@unicorn.swi.com.sg (Mathias Koerber)
! mjo@iao.ford.com (Mike O'Connor)
! nick@flapjack.ieunet.ie (Nick Hilliard)
! patrick@oes.amdahl.com (Patrick J. Horgan)
! ph10@cus.cam.ac.uk (Philip Hazel)
! rv@seins.Informatik.Uni-Dortmund.DE (Ruediger Volk)
! shields@tembel.org (Michael Shields)
! tanner@george.arc.nasa.gov (Rob Tanner)
! vixie@vix.com (Paul A Vixie)
! wag@swl.msd.ray.com (William Gianopoulos {84718})
! whg@inel.gov (Bill Gray)
! wolf@pasteur.fr (Christophe Wolfhugel)
  
  Thank you !
  
--- 1083,1298 ----
     dump for a day or so in case I have questions you can answer via
     gdb/dbx.
  
! -----------------------------------------------------------------------------
! 
! Question 6.9.  malloc and DECstations
  
  Date: Mon Jan  2 14:19:22 EST 1995
  
! We have replaced malloc on our DECstations with a malloc that is more
! compact in memory usage, and this helped the operation of bind a lot.  The
! source is now available for anonymous ftp from
! 
! ftp.cs.wisc.edu : /pub/misc/malloc.tar.gz
! 
! -----------------------------------------------------------------------------
! 
! Question 6.10.  Can't resolve names without a "."
! 
! (Answer written by Mark Andrews) You are not using a RFC 1535 aware
! resolver. Depending upon the age of your resolver you could try  adding a
! search directive to resolv.conf.
! 
! 	e.g.
! 	domain <domain>
! 	search <domain> [<domain2> ...]
! 
! If that doesn't work you can configure you server to serve the parent and
! grandparent domains as this is the default search list.
! 
! "domain langley.af.mil" has an implicit "search langley.af.mil af.mil mil"
! in the old resolvers, and you are timing out trying to resolve the
! address with one of these domains tacked on.
! 
! When resolving internic.net the following will be tried in order.
!         internic.net.langley.af.mil
!         internic.net.af.mil
!         internic.net.mil
!         internic.net.
! 
! RFC 1535 aware resolvers try qualified address first.
! 
!         internic.net.
!         internic.net.langley.af.mil
!         internic.net.af.mil
!         internic.net.mil
! RFC 1535 documents the problems associated with the old search
! algorithim,  including security issues, and how to alleviate some of the
! problems.
! 
! -----------------------------------------------------------------------------
! 
! Question 6.11.  Err/TO errors being reported
! 
! Date: Sun May  5 23:46:32 EDT 1996
! 
! Why are errors like
! 
!      Apr  2 20:41:58 nameserver named[25846]: Err/TO getting serial# for 
!      "foobar.domain1.com"
!      Apr  2 20:41:59 nameserver named[25846]: Err/TO getting serial# for 
!      "foobar.domain2.com"
! 
! reported ?  These generally indicate that there is one of the following
! problems:
! 
! * A network problem between you and the primary,
! * A bad IP address in named.boot,
! * The primary is Lame for the zone.
! 
! An external check to see if you can retrieve the SOA is the best way to
! work out which it is.
! 
! -----------------------------------------------------------------------------
! 
! Question 6.12.  Why does swapping kill BIND ?
! 
! Date: Thu Jul  4 23:20:20 EDT 1996
! 
! The question was:
! 
!    I've been diagnosing a problem with BIND 4.9.x (where x is usually 3BETA9 
!    or 3REL) for several months now.  I finally tracked it down to swap space
!    utilization on the unix boxes.
! 
!    This happens under (at least) under Linux 1.2.9 & 1.2.13, SunOS 4.1.3U1, 
!    4.1.1, and Solaris 2.5.  The symptom is that if these machines get into 
!    swap at all bind quits resolving most, if not all queries.  Mind you that 
!    these machines are not "swapping hard", but rather we're talking about a 
!    several hundred K TEMPORARY deficiency.   I have noticed while digging 
!    through various archives that there is some referral to "bind thrashing
!    itself to death".   Is this what is happening ?
! 
! And the answer is:
! 
!    Yes it is. Bind can't tolerate having even a few pages swapped out.  
!    The time required to send responses climbs to several seconds/request,
!    and the request queue fills and overflows.
! 
!    It's possible to shrink memory consumption a lot by undefining STATS
!    and XSTATS, and recompiling.  You could nuke DEBUG too, which will
!    cut the code size down some, but probably not the data size.  If that
!    doesn't do the job then it sounds like you'll need to move DNS onto a
!    separate box.
! 
!    BIND tends to touch all of its resident pages all of the time with
!    normal activity... if you look at the RSS verses the total process
!    size, you will always see the RSS within, usually, 90% of the total
!    size of the process.  This means that *any* paging of named-owned
!    pages will stall named.  Thus, a machine running a heavily accessed
!    named process cannot afford to swap *at all*.
! 
!    (Paul Vixie continues on this subject):
!    I plan to try to get BIND to exhibit slightly better locality of
!    reference in some future release.  Of course, I can only do this if
!    the query names also exhibit some kind of hot spots.  If someone
!    queries all your names often, BIND will have to touch all of its VM
!    pool that often.  (Right now, BIND touches everything pretty often
!    even if you're just hammering on some hot spots -- that's the part
!    I'd like to fix.  Malloc isn't cooperating.)
! 
! ===============================================================================
! 
! Section 7.  ACKNOWLEDGEMENTS
! 
!  Q7.1        How is this FAQ generated ?
!  Q7.2        What formats are available ?
!  Q7.3        Contributors
! 
! -----------------------------------------------------------------------------
! 
! Question 7.1.  How is this FAQ generated ?
! 
! Date: Fri Dec  6 16:51:31 EST 1996
! 
! This FAQ is maintained in BFNN (Bizzarre Format with No Name).  This
! allows me to create ASCII, HTML, and GNU info (postscript coming soon)
! from one source file.
! 
! The perl script "bfnnconv.pl" that is available with the linux FAQ is used
! to generate the various output files from the BFNN source.
! 
! -----------------------------------------------------------------------------
! 
! Question 7.2.  What formats are available ?
! 
! Date: Fri Dec  6 16:51:31 EST 1996
! 
! You may obtain one of the following formats for this document:
! 
! * ASCII: http://www.users.pfmc.net/~cdp/cptd-faq/cptd-faq.ascii
! * BFNN: http://www.users.pfmc.net/~cdp/cptd-faq/cptd-faq.bfnn
! * GNU info: http://www.users.pfmc.net/~cdp/cptd-faq/cptd-faq.info
! * HTML: http://www.users.pfmc.net/~cdp/cptd-faq/index.html
! 
! -----------------------------------------------------------------------------
! 
! Question 7.3.  Contributors
! 
! Date: Sat Dec  7 01:29:29 EST 1996
! 
! Many people have helped put this list together.  Listed in e-mail address
! alphabetical order, the following people have contributed to this FAQ:
! 
! * <Benoit.Grange@inria.fr> (Benoit.Grange)
! * <D.T.Shield@csc.liv.ac.uk> (Dave Shield)
! * <Todd.Aven@BankersTrust.Com>
! * <adam@comptech.demon.co.uk> (Adam Goodfellow)
! * <andras@is.co.za> (Andras Salamon)
! * <barmar@nic.near.net> (Barry Margolin)
! * <barr@pop.psu.edu> (David Barr)
! * <bj@herbison.com> (B.J. Herbison)
! * <bje@cbr.fidonet.org> (Ben Elliston)
! * <brad@birch.ims.disa.mil> (Brad Knowles)
! * <ckd@kei.com> (Christopher Davis)
! * <cdp2582@hertz.njit.edu> (Chris Peckham)
! * <cricket@hp.com> (Cricket Liu)
! * <cudep@csv.warwick.ac.uk> (Ian 'Vato' Dickinson [ID17])
! * <dillon@best.com> (Matthew Dillon)
! * <dparter@cs.wisc.edu> (David Parter)
! * <e07@nikhef.nl> (Eric Wassenaar)
! * <fitz@think.com> (Tom Fitzgerald)
! * <fwp@CC.MsState.Edu> (Frank Peters)
! * <gah@cco.caltech.edu> (Glen A. Herrmannsfeldt)
! * <glenn@popco.com> (Glenn Fleishman)
! * <harvey@indyvax.iupui.edu> (James Harvey)
! * <hubert@cac.washington.edu> (Steve Hubert)
! * <ivanl@pacific.net.sg> (Ivan Leong)
! * <jhawk@panix.com> (John Hawkinson)
! * <jmalcolm@uunet.uu.net> (Joseph Malcolm)
! * <jprovo@augustus.ultra.net> (Joe Provo)
! * <kevin@cfc.com> (Kevin Darcy)
! * <lamont@abstractsoft.com> (Sean T. Lamont)
! * <lavondes@tidtest.total.fr> (Michel Lavondes)
! * <mark@ucsalf.ac.uk> (Mark Powell)
! * <marka@syd.dms.CSIRO.AU> (Mark Andrews)
! * <mathias@unicorn.swi.com.sg> (Mathias Koerber)
! * <mjo@iao.ford.com> (Mike O'Connor)
! * <nick@flapjack.ieunet.ie> (Nick Hilliard)
! * <oppedahl@popserver.panix.com> (Carl Oppedahl)
! * <patrick@oes.amdahl.com> (Patrick J. Horgan)
! * <paul@software.com> (Paul Wren)
! * <pb@fasterix.frmug.fr.net> (Pierre Beyssac)
! * <ph10@cus.cam.ac.uk> (Philip Hazel)
! * <phil@netpart.com> (Phil Trubey)
! * <rocky@panix.com> (R. Bernstein)
! * <rv@seins.Informatik.Uni-Dortmund.DE> (Ruediger Volk)
! * <shields@tembel.org> (Michael Shields)
! * <tanner@george.arc.nasa.gov> (Rob Tanner)
! * <vixie@vix.com> (Paul A Vixie)
! * <wag@swl.msd.ray.com> (William Gianopoulos {84718)
! * <whg@inel.gov> (Bill Gray)
! * <wolf@pasteur.fr> (Christophe Wolfhugel)
  
  Thank you !
  
diff --context --recurs m:\bind495p1/include/resolv.h m:\bind/include/resolv.h
*** m:\bind495p1/include/resolv.h	Mon Dec 02 21:41:13 1996
--- m:\bind/include/resolv.h	Wed Dec 18 23:12:02 1996
***************
*** 55,61 ****
  
  /*
   *	@(#)resolv.h	8.1 (Berkeley) 6/2/93
!  *	$Id: resolv.h,v 8.16 1996/09/28 06:51:03 vixie Exp $
   */
  
  #ifndef _RESOLV_H_
--- 55,61 ----
  
  /*
   *	@(#)resolv.h	8.1 (Berkeley) 6/2/93
!  *	$Id: resolv.h,v 8.17 1996/11/26 10:11:20 vixie Exp $
   */
  
  #ifndef _RESOLV_H_
diff --context --recurs m:\bind495p1/named/db_load.c m:\bind/named/db_load.c
*** m:\bind495p1/named/db_load.c	Mon Dec 02 21:40:20 1996
--- m:\bind/named/db_load.c	Wed Dec 18 23:12:03 1996
***************
*** 1,15 ****
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)db_load.c	4.38 (Berkeley) 3/2/91";
! static char rcsid[] = "$Id: db_load.c,v 8.30 1996/11/11 06:36:49 vixie Exp $";
! #endif /* not lint */
  
  /*
!  * ++Copyright++ 1986, 1988, 1990
   * -
!  * Copyright (c) 1986, 1988, 1990
!  *    The Regents of the University of California.  All rights reserved.
   * 
!  * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   * 1. Redistributions of source code must retain the above copyright
--- 1,15 ----
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)db_load.c	4.38 (Berkeley) 3/2/91";
! static char rcsid[] = "$Id: db_load.c,v 8.31 1996/12/18 04:09:48 vixie Exp $";
! #endif /* not lint */
  
  /*
!  * ++Copyright++ 1986, 1988, 1990
   * -
!  * Copyright (c) 1986, 1988, 1990
!  *    The Regents of the University of California.  All rights reserved.
   * 
!  * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   * 1. Redistributions of source code must retain the above copyright
***************
*** 913,923 ****
  					nk = 1;		/* No-key */
  				else
  					nk = 0;		/* have a key */
! 
! 				if ((KEYFLAG_NO_AUTH | KEYFLAG_ZONEKEY) ==
! 				    (keyflags &
! 				     (KEYFLAG_NO_AUTH | KEYFLAG_ZONEKEY))) {
! 					SETERR("Zone key with no auth.");
  					goto err;
  				}
  
--- 913,924 ----
  					nk = 1;		/* No-key */
  				else
  					nk = 0;		/* have a key */
!                               if ((keyflags & KEYFLAG_ZONEKEY) && 
!                                   (KEYFLAG_TYPE_CONF_ONLY ==
!                                    (keyflags & KEYFLAG_TYPEMASK))) {
!                                       /* Zone key must have Authentication bit
!                                        set  ogud@tis.com */ 
!                                       SETERR("Zonekey needs authentication bit");
  					goto err;
  				}
  
***************
*** 944,953 ****
  				   the algorithm-ID's that we know about. */
  				switch (al) {
  				case ALGORITHM_MD5RSA:
! 					if (klen == 0) {
! 						SETERR("No key for RSA algid");
! 						goto err;
! 					}
  					expstart = cp;
  					expbytes = *expstart++;
  					if (expbytes == 0)
--- 945,952 ----
  				   the algorithm-ID's that we know about. */
  				switch (al) {
  				case ALGORITHM_MD5RSA:
! 					if (klen == 0)
! 						break;
  					expstart = cp;
  					expbytes = *expstart++;
  					if (expbytes == 0)
diff --context --recurs m:\bind495p1/named/named-xfer.c m:\bind/named/named-xfer.c
*** m:\bind495p1/named/named-xfer.c	Mon Dec 02 21:41:13 1996
--- m:\bind/named/named-xfer.c	Wed Dec 18 23:12:03 1996
***************
*** 92,98 ****
  
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)named-xfer.c	4.18 (Berkeley) 3/7/91";
! static char rcsid[] = "$Id: named-xfer.c,v 8.20 1996/11/11 06:36:49 vixie Exp $";
  #endif /* not lint */
  
  #include <sys/types.h>
--- 92,98 ----
  
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)named-xfer.c	4.18 (Berkeley) 3/7/91";
! static char rcsid[] = "$Id: named-xfer.c,v 8.22 1996/12/02 09:17:21 vixie Exp $";
  #endif /* not lint */
  
  #include <sys/types.h>
diff --context --recurs m:\bind495p1/named/ns_forw.c m:\bind/named/ns_forw.c
*** m:\bind495p1/named/ns_forw.c	Mon Dec 02 21:41:13 1996
--- m:\bind/named/ns_forw.c	Wed Dec 18 23:12:03 1996
***************
*** 1,6 ****
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)ns_forw.c	4.32 (Berkeley) 3/3/91";
! static char rcsid[] = "$Id: ns_forw.c,v 8.18 1996/10/08 04:51:03 vixie Exp $";
  #endif /* not lint */
  
  /*
--- 1,6 ----
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)ns_forw.c	4.32 (Berkeley) 3/3/91";
! static char rcsid[] = "$Id: ns_forw.c,v 8.19 1996/12/02 09:27:36 vixie Exp $";
  #endif /* not lint */
  
  /*
diff --context --recurs m:\bind495p1/named/ns_init.c m:\bind/named/ns_init.c
*** m:\bind495p1/named/ns_init.c	Mon Dec 02 21:41:13 1996
--- m:\bind/named/ns_init.c	Wed Dec 18 23:12:03 1996
***************
*** 1,6 ****
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)ns_init.c	4.38 (Berkeley) 3/21/91";
! static char rcsid[] = "$Id: ns_init.c,v 8.22 1996/11/11 06:36:49 vixie Exp $";
  #endif /* not lint */
  
  /*
--- 1,6 ----
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)ns_init.c	4.38 (Berkeley) 3/21/91";
! static char rcsid[] = "$Id: ns_init.c,v 8.24 1996/12/02 09:17:21 vixie Exp $";
  #endif /* not lint */
  
  /*
diff --context --recurs m:\bind495p1/named/ns_main.c m:\bind/named/ns_main.c
*** m:\bind495p1/named/ns_main.c	Mon Dec 02 21:41:13 1996
--- m:\bind/named/ns_main.c	Wed Dec 18 23:12:03 1996
***************
*** 1,6 ****
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)ns_main.c	4.55 (Berkeley) 7/1/91";
! static char rcsid[] = "$Id: ns_main.c,v 8.23 1996/11/11 06:36:49 vixie Exp $";
  #endif /* not lint */
  
  /*
--- 1,6 ----
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)ns_main.c	4.55 (Berkeley) 7/1/91";
! static char rcsid[] = "$Id: ns_main.c,v 8.24 1996/11/26 10:11:22 vixie Exp $";
  #endif /* not lint */
  
  /*
diff --context --recurs m:\bind495p1/named/ns_resp.c m:\bind/named/ns_resp.c
*** m:\bind495p1/named/ns_resp.c	Mon Dec 02 21:41:13 1996
--- m:\bind/named/ns_resp.c	Wed Dec 18 23:12:03 1996
***************
*** 1,6 ****
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)ns_resp.c	4.65 (Berkeley) 3/3/91";
! static char rcsid[] = "$Id: ns_resp.c,v 8.36 1996/11/11 06:36:49 vixie Exp $";
  #endif /* not lint */
  
  /*
--- 1,6 ----
  #if !defined(lint) && !defined(SABER)
  static char sccsid[] = "@(#)ns_resp.c	4.65 (Berkeley) 3/3/91";
! static char rcsid[] = "$Id: ns_resp.c,v 8.37 1996/12/02 09:17:21 vixie Exp $";
  #endif /* not lint */
  
  /*
Only in m:\bind495p1: p1c1
Only in m:\bind495p1: p1c2
diff --context --recurs m:\bind495p1/res/res_comp.c m:\bind/res/res_comp.c
*** m:\bind495p1/res/res_comp.c	Mon Dec 02 21:41:14 1996
--- m:\bind/res/res_comp.c	Wed Dec 18 23:12:03 1996
***************
*** 55,61 ****
  
  #if defined(LIBC_SCCS) && !defined(lint)
  static char sccsid[] = "@(#)res_comp.c	8.1 (Berkeley) 6/4/93";
! static char rcsid[] = "$Id: res_comp.c,v 8.10 1996/10/08 04:51:06 vixie Exp $";
  #endif /* LIBC_SCCS and not lint */
  
  #include <sys/types.h>
--- 55,61 ----
  
  #if defined(LIBC_SCCS) && !defined(lint)
  static char sccsid[] = "@(#)res_comp.c	8.1 (Berkeley) 6/4/93";
! static char rcsid[] = "$Id: res_comp.c,v 8.11 1996/12/02 09:17:22 vixie Exp $";
  #endif /* LIBC_SCCS and not lint */
  
  #include <sys/types.h>
diff --context --recurs m:\bind495p1/res/res_debug.c m:\bind/res/res_debug.c
*** m:\bind495p1/res/res_debug.c	Mon Dec 02 21:41:14 1996
--- m:\bind/res/res_debug.c	Wed Dec 18 23:12:03 1996
***************
*** 77,83 ****
  
  #if defined(LIBC_SCCS) && !defined(lint)
  static char sccsid[] = "@(#)res_debug.c	8.1 (Berkeley) 6/4/93";
! static char rcsid[] = "$Id: res_debug.c,v 8.18 1996/11/11 06:36:52 vixie Exp $";
  #endif /* LIBC_SCCS and not lint */
  
  #include <sys/param.h>
--- 77,83 ----
  
  #if defined(LIBC_SCCS) && !defined(lint)
  static char sccsid[] = "@(#)res_debug.c	8.1 (Berkeley) 6/4/93";
! static char rcsid[] = "$Id: res_debug.c,v 8.19 1996/11/26 10:11:23 vixie Exp $";
  #endif /* LIBC_SCCS and not lint */
  
  #include <sys/param.h>
diff --context --recurs m:\bind495p1/shres/sunos/INSTALL m:\bind/shres/sunos/INSTALL
*** m:\bind495p1/shres/sunos/INSTALL	Mon Dec 02 21:41:14 1996
--- m:\bind/shres/sunos/INSTALL	Wed Dec 18 23:12:07 1996
***************
*** 1,7 ****
  Installing BIND resolver code in SunOS 4.1.x shared libraries
  ===================================================================
  
! $Id: INSTALL,v 8.7 1996/11/11 06:36:53 vixie Exp $
  
  by Chris Davis <ckd@kei.com>
  
--- 1,7 ----
  Installing BIND resolver code in SunOS 4.1.x shared libraries
  ===================================================================
  
! $Id: INSTALL,v 8.8 1996/11/26 10:11:24 vixie Exp $
  
  by Chris Davis <ckd@kei.com>
  
Only in m:\bind/shres/sunos: INSTALL.orig
Only in m:\bind/shres/sunos: INSTALL.rej
diff --context --recurs m:\bind495p1/shres/sunos/ISSUES m:\bind/shres/sunos/ISSUES
*** m:\bind495p1/shres/sunos/ISSUES	Mon Dec 02 21:41:14 1996
--- m:\bind/shres/sunos/ISSUES	Wed Dec 18 23:12:07 1996
***************
*** 1,7 ****
  Issues with BIND 4.9.x resolver code and SunOS 4.1.x shared libraries
  =====================================================================
  
! $Id: ISSUES,v 1.2 1995/12/29 07:16:25 vixie Exp $
  
  Changes to the shared library setup have lots of little pitfalls and
  mines.  This is an attempt to map the minefield, for those who feel
--- 1,7 ----
  Issues with BIND 4.9.x resolver code and SunOS 4.1.x shared libraries
  =====================================================================
  
! $Id: ISSUES,v 1.3 1996/11/26 10:11:24 vixie Exp $
  
  Changes to the shared library setup have lots of little pitfalls and
  mines.  This is an attempt to map the minefield, for those who feel
Only in m:\bind/shres/sunos: ISSUES.orig
diff --context --recurs m:\bind495p1/shres/sunos/PROBLEMS m:\bind/shres/sunos/PROBLEMS
*** m:\bind495p1/shres/sunos/PROBLEMS	Mon Dec 02 21:41:14 1996
--- m:\bind/shres/sunos/PROBLEMS	Wed Dec 18 23:12:07 1996
***************
*** 1,7 ****
  Common problems with installing BIND 4.9.3 on SunOS 4.1.x
  =========================================================
  
! $Id: PROBLEMS,v 8.4 1995/12/29 07:16:25 vixie Exp $
  
  by Chris Davis <ckd@kei.com>
  
--- 1,7 ----
  Common problems with installing BIND 4.9.3 on SunOS 4.1.x
  =========================================================
  
! $Id: PROBLEMS,v 8.5 1996/11/26 10:11:24 vixie Exp $
  
  by Chris Davis <ckd@kei.com>
  
Only in m:\bind/shres/sunos: PROBLEMS.orig
Only in m:\bind/shres/sunos: PROBLEMS.rej
diff --context --recurs m:\bind495p1/shres/sunos/makeshlib m:\bind/shres/sunos/makeshlib
*** m:\bind495p1/shres/sunos/makeshlib	Mon Dec 02 21:41:14 1996
--- m:\bind/shres/sunos/makeshlib	Wed Dec 18 23:12:07 1996
***************
*** 8,14 ****
  # with additions by Greg Woods <woods@planix.com>
  #               and Michael Helm <mike@fionn.lbl.gov>
  #
! # $Id: makeshlib,v 8.5 1995/12/24 06:44:27 vixie Exp $
  #
  # set these by hand, or as an environment var, or let script figure them out
  #bindtree=/usr/obj/local/bind
--- 8,14 ----
  # with additions by Greg Woods <woods@planix.com>
  #               and Michael Helm <mike@fionn.lbl.gov>
  #
! # $Id: makeshlib,v 8.6 1996/11/26 10:11:24 vixie Exp $
  #
  # set these by hand, or as an environment var, or let script figure them out
  #bindtree=/usr/obj/local/bind
Only in m:\bind/shres/sunos: makeshlib.orig
diff --context --recurs m:\bind495p1/tools/nslookup/debug.c m:\bind/tools/nslookup/debug.c
*** m:\bind495p1/tools/nslookup/debug.c	Mon Dec 02 21:41:14 1996
--- m:\bind/tools/nslookup/debug.c	Wed Dec 18 23:12:03 1996
***************
*** 55,69 ****
  
  #ifndef lint
  static char sccsid[] = "@(#)debug.c	5.26 (Berkeley) 3/21/91";
! static char rcsid[] = "$Id: debug.c,v 8.8 1996/10/08 04:51:08 vixie Exp $";
! #endif /* not lint */
  
  /*
   *******************************************************************************
   *
!  *  debug.c --
   *
!  *	Routines to print out packets received from a name server query.
   *
   *      Modified version of 4.3BSD BIND res_debug.c 5.30 6/27/90
   *
--- 55,69 ----
  
  #ifndef lint
  static char sccsid[] = "@(#)debug.c	5.26 (Berkeley) 3/21/91";
! static char rcsid[] = "$Id: debug.c,v 8.10 1996/12/18 04:09:50 vixie Exp $";
! #endif /* not lint */
  
  /*
   *******************************************************************************
   *
!  *  debug.c --
   *
!  *	Routines to print out packets received from a name server query.
   *
   *      Modified version of 4.3BSD BIND res_debug.c 5.30 6/27/90
   *
***************
*** 176,187 ****
  	 */
  	if (n = ntohs(hp->ancount)) {
  		fprintf(file,"    ANSWERS:\n");
! 		if ((type == T_A) && (hp->ancount > MAXADDRS))
! 		  {
!                    printf("Limiting response to MAX Addrs = %d \n",MAXADDRS);
! 		   n = MAXADDRS;
! 		  }
! 
  		while (--n >= 0) {
  			fprintf(file, INDENT);
  			cp = Print_rr(cp, msg, eom, file);
--- 176,186 ----
  	 */
  	if (n = ntohs(hp->ancount)) {
  		fprintf(file,"    ANSWERS:\n");
! 		if (type == T_A && n > MAXADDRS) {
! 			printf("Limiting response to MAX Addrs = %d \n",
! 			       MAXADDRS);
! 			n = MAXADDRS;
! 		}
  		while (--n >= 0) {
  			fprintf(file, INDENT);
  			cp = Print_rr(cp, msg, eom, file);
diff --context --recurs m:\bind495p1/tools/nslookup/getinfo.c m:\bind/tools/nslookup/getinfo.c
*** m:\bind495p1/tools/nslookup/getinfo.c	Mon Dec 02 21:41:14 1996
--- m:\bind/tools/nslookup/getinfo.c	Wed Dec 18 23:12:03 1996
***************
*** 55,61 ****
  
  #ifndef lint
  static char sccsid[] = "@(#)getinfo.c	5.26 (Berkeley) 3/21/91";
! static char rcsid[] = "$Id: getinfo.c,v 8.4 1996/09/22 00:13:36 vixie Exp $";
  #endif /* not lint */
  
  /*
--- 55,61 ----
  
  #ifndef lint
  static char sccsid[] = "@(#)getinfo.c	5.26 (Berkeley) 3/21/91";
! static char rcsid[] = "$Id: getinfo.c,v 8.6 1996/12/02 09:17:24 vixie Exp $";
  #endif /* not lint */
  
  /*
diff --context --recurs m:\bind495p1/tools/nslookup/list.c m:\bind/tools/nslookup/list.c
*** m:\bind495p1/tools/nslookup/list.c	Mon Dec 02 21:41:14 1996
--- m:\bind/tools/nslookup/list.c	Wed Dec 18 23:12:03 1996
***************
*** 55,61 ****
  
  #ifndef lint
  static char sccsid[] = "@(#)list.c	5.23 (Berkeley) 3/21/91";
! static char rcsid[] = "$Id: list.c,v 8.8 1996/10/08 04:51:08 vixie Exp $";
  #endif /* not lint */
  
  /*
--- 55,61 ----
  
  #ifndef lint
  static char sccsid[] = "@(#)list.c	5.23 (Berkeley) 3/21/91";
! static char rcsid[] = "$Id: list.c,v 8.9 1996/11/26 10:11:26 vixie Exp $";
  #endif /* not lint */
  
  /*
diff --context --recurs m:\bind495p1/tools/nslookup/res.h m:\bind/tools/nslookup/res.h
*** m:\bind495p1/tools/nslookup/res.h	Mon Dec 02 21:41:14 1996
--- m:\bind/tools/nslookup/res.h	Wed Dec 18 23:12:03 1996
***************
*** 55,61 ****
  
  /*
   *	@(#)res.h	5.10 (Berkeley) 6/1/90
!  *	$Id: res.h,v 8.2 1996/08/08 06:54:51 vixie Exp $
   */
  
  /*
--- 55,61 ----
  
  /*
   *	@(#)res.h	5.10 (Berkeley) 6/1/90
!  *	$Id: res.h,v 8.3 1996/12/02 09:17:24 vixie Exp $
   */
  
  /*
