From owner-freebsd-net Thu Sep 19 1:44:31 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A33037B401 for ; Thu, 19 Sep 2002 01:44:30 -0700 (PDT) Received: from smtp.uc3m.es (smtp02.uc3m.es [163.117.136.122]) by mx1.FreeBSD.org (Postfix) with ESMTP id 39F0843E6E for ; Thu, 19 Sep 2002 01:44:29 -0700 (PDT) (envelope-from jrh@it.uc3m.es) Received: from smtp02.uc3m.es (localhost [127.0.0.1]) by smtp.uc3m.es (Postfix) with ESMTP id 48445431DD; Thu, 19 Sep 2002 10:44:28 +0200 (CEST) Received: from it.uc3m.es (mira.it.uc3m.es [163.117.140.166]) by smtp02.uc3m.es (Postfix) with ESMTP id 8468F99F2A; Thu, 19 Sep 2002 10:44:27 +0200 (CEST) Message-ID: <3D898E6B.692C3C43@it.uc3m.es> Date: Thu, 19 Sep 2002 10:44:27 +0200 From: Juan Francisco Rodriguez Hervella X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.5-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Lista , "(Lista) bind9-users@isc.org" Subject: RES_INSECURE and CHECK_SRVR_ADDR in resolver functions (IPv6 anycast response problem) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello: I need to make some tests with IPv6 anycast addresses, and I've found out that when /etc/resolv.conf has an IPv6 anycast address, the DNS response isn't accepted because it comes from an unicast IPv6 address. I've been digging into the source code of /usr/src/lib/libc/net/res_* and I've found these constants: RES_INSECURE1 RES_INSECURE2 and a compilation option called: CHECK_SRVR_ADDR What I would like to do is re-compile the resolver library to accept DNS responses coming from a unicast IPv6 address to solve the problem mentioned above. What's better... to *un*define CHECK_SRVR_ADDR or to include RES_INSECURE1 into RES_DEFAULT ? Do you think it's a good idea to do this ? what are the security implications ? PS: RES_DEFAULT appears in "resolv.h" Best Regards. -- JFRH. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message