conf/115573: Typo in default named.conf locks out Sun

Oliver Fromme olli at secnetix.de
Thu Aug 16 06:10:02 PDT 2007 

>Number:         115573
>Category:       conf
>Synopsis:       Typo in default named.conf locks out Sun
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Aug 16 13:10:01 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Oliver Fromme
>Release:        FreeBSD 6.2-STABLE-20070808 i386
>Organization:
secnetix GmbH & Co. KG
		http://www.secnetix.de/bsd
>Environment:
System: FreeBSD pluto.secnetix.de 6.2-STABLE-20070808 FreeBSD 6.2-STABLE-20070808 #0: Wed Aug 8 14:35:59 CEST 2007 olli at pluto.secnetix.de:/usr/obj/usr/src/sys/PLUTO i386

    The problem described here affects HEAD and RELENG_6.

>Description:

    The current default configuration of BIND (named.conf)
    blocks the network 192.18/15.  This network belongs
    to Sun Microsystems Inc., Medical Research Council and
    Agere Systems Inc.

    The comment in the file claims that the network block
    is reserved for router benchmark testing in accordance
    with RFC 2544.  However, there's a typo in that RFC
    which has been corrected in an erratum:

    http://www.rfc-editor.org/cgi-bin/errataSearch.pl?rfc=2544

    So the correct network block is 198.18/15.  The correct
    network block is also mentioned in RFC 3330:

    http://www.rfc-editor.org/rfc/rfc3330.txt

    The error in the default named.conf file should be
    corrected ASAP.  As it stands now, the 192.18/15 network
    which belongs to Sun and others is locked out by default
    on FreeBSD machines!

>How-To-Repeat:

    whois 192.18
    whois 198.18

>Fix:

--- src/etc/namedb/named.conf.orig	2007-08-08 13:51:41.000000000 +0200
+++ src/etc/namedb/named.conf	2007-08-16 15:07:36.000000000 +0200
@@ -157,9 +157,9 @@
 // TEST-NET for Documentation (RFC 3330)
 zone "2.0.192.in-addr.arpa"	{ type master; file "master/empty.db"; };
 
-// Router Benchmark Testing (RFC 2544)
-zone "18.192.in-addr.arpa"	{ type master; file "master/empty.db"; };
-zone "19.192.in-addr.arpa"	{ type master; file "master/empty.db"; };
+// Router Benchmark Testing (RFC 2544 + erratum, RFC 3330)
+zone "18.198.in-addr.arpa"	{ type master; file "master/empty.db"; };
+zone "19.198.in-addr.arpa"	{ type master; file "master/empty.db"; };
 
 // IANA Reserved - Old Class E Space
 zone "240.in-addr.arpa"		{ type master; file "master/empty.db"; };


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list