Merge branch '4101-update-b-root-server-net-addresses-bind-9.18' into 'bind-9.18'

[9.18] Resolve "Update b.root-server.net addresses" See merge request isc-projects/bind9!8462
2026-05-27 20:25:55 -04:00 · 2023-11-02 17:19:05 +00:00 · 2023-11-02 17:19:05 +00:00 · 27cf95ac98
commit 27cf95ac98
parent 1664f95c66 3b55342a4b
4 changed files with 55 additions and 8 deletions
--- a/3
+++ b/3
@ -10,6 +10,9 @@

 6271.	[bug]		Fix a shutdown race in dns__catz_update_cb(). [GL #4381]

+6269.	[maint]		B.ROOT-SERVERS.NET addresses are now 170.247.170.2 and
+			2801:1b8:10::b. [GL #4101]
+
 6267.	[func]		Adjust UDP timeouts used in zone maintenance. [GL #4260]

 6265.	[bug]		Don't schedule resign operations on the raw version
--- a/bin/named/config.c
+++ b/bin/named/config.c
@ -337,14 +337,14 @@ dnssec-policy \"insecure\" {\n\
 			    "# END TRUST ANCHORS\n\
 \n\
 primaries " DEFAULT_IANA_ROOT_ZONE_PRIMARIES " {\n\
-	2001:500:200::b;	# b.root-servers.net\n\
+	2801:1b8:10::b;		# b.root-servers.net\n\
 	2001:500:2::c;		# c.root-servers.net\n\
 	2001:500:2f::f;		# f.root-servers.net\n\
 	2001:500:12::d0d;	# g.root-servers.net\n\
 	2001:7fd::1;		# k.root-servers.net\n\
 	2620:0:2830:202::132;	# xfr.cjr.dns.icann.org\n\
 	2620:0:2d0:202::132;	# xfr.lax.dns.icann.org\n\
-	199.9.14.201;		# b.root-servers.net\n\
+	170.247.170.2;		# b.root-servers.net\n\
 	192.33.4.12;		# c.root-servers.net\n\
 	192.5.5.241;		# f.root-servers.net\n\
 	192.112.36.4;		# g.root-servers.net\n\
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@ -32,6 +32,9 @@ Feature Changes

 - None.

+- B.ROOT-SERVERS.NET addresses are now 170.247.170.2 and 2801:1b8:10::b.
+  :gl:`#4101`
+
 Bug Fixes
 ~~~~~~~~~

--- a/lib/dns/rootns.c
+++ b/lib/dns/rootns.c
@ -34,6 +34,9 @@
 #include <dns/rootns.h>
 #include <dns/view.h>

+/*
+ * Also update 'upcoming' when updating 'root_ns'.
+ */
 static char root_ns[] =
 	";\n"
 	"; Internet Root Nameservers\n"
@ -54,8 +57,8 @@ static char root_ns[] =
 	".                       518400  IN      NS      M.ROOT-SERVERS.NET.\n"
 	"A.ROOT-SERVERS.NET.     3600000 IN      A       198.41.0.4\n"
 	"A.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:503:BA3E::2:30\n"
-	"B.ROOT-SERVERS.NET.     3600000 IN      A       199.9.14.201\n"
-	"B.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:500:200::b\n"
+	"B.ROOT-SERVERS.NET.     3600000 IN      A       170.247.170.2\n"
+	"B.ROOT-SERVERS.NET.     3600000 IN      AAAA    2801:1b8:10::b\n"
 	"C.ROOT-SERVERS.NET.     3600000 IN      A       192.33.4.12\n"
 	"C.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:500:2::c\n"
 	"D.ROOT-SERVERS.NET.     3600000 IN      A       199.7.91.13\n"
@ -79,6 +82,24 @@ static char root_ns[] =
 	"M.ROOT-SERVERS.NET.     3600000 IN      A       202.12.27.33\n"
 	"M.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:DC3::35\n";

+static unsigned char b_data[] = "\001b\014root-servers\003net";
+static unsigned char b_offsets[] = { 0, 2, 15, 19 };
+
+static struct upcoming {
+	const dns_name_t name;
+	dns_rdatatype_t type;
+	isc_stdtime_t time;
+} upcoming[] = { {
+			 .name = DNS_NAME_INITABSOLUTE(b_data, b_offsets),
+			 .type = dns_rdatatype_a,
+			 .time = 1701086400 /* November 27 2023, 12:00 UTC */
+		 },
+		 {
+			 .name = DNS_NAME_INITABSOLUTE(b_data, b_offsets),
+			 .type = dns_rdatatype_aaaa,
+			 .time = 1701086400 /* November 27 2023, 12:00 UTC */
+		 } };
+
 static isc_result_t
 in_rootns(dns_rdataset_t *rootns, dns_name_t *name) {
 	isc_result_t result;
@ -337,6 +358,18 @@ inrrset(dns_rdataset_t *rrset, dns_rdata_t *rdata) {
 	return (false);
 }

+static bool
+changing(const dns_name_t *name, dns_rdatatype_t type, isc_stdtime_t now) {
+	for (size_t i = 0; i < ARRAY_SIZE(upcoming); i++) {
+		if (upcoming[i].time > now && upcoming[i].type == type &&
+		    dns_name_equal(&upcoming[i].name, name))
+		{
+			return (true);
+		}
+	}
+	return (false);
+}
+
 /*
 * Check that the address RRsets match.
 *
@ -368,7 +401,9 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
 		while (result == ISC_R_SUCCESS) {
 			dns_rdata_reset(&rdata);
 			dns_rdataset_current(&rootrrset, &rdata);
-			if (!inrrset(&hintrrset, &rdata)) {
+			if (!inrrset(&hintrrset, &rdata) &&
+			    !changing(name, dns_rdatatype_a, now))
+			{
 				report(view, name, true, &rdata);
 			}
 			result = dns_rdataset_next(&rootrrset);
@ -377,7 +412,9 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
 		while (result == ISC_R_SUCCESS) {
 			dns_rdata_reset(&rdata);
 			dns_rdataset_current(&hintrrset, &rdata);
-			if (!inrrset(&rootrrset, &rdata)) {
+			if (!inrrset(&rootrrset, &rdata) &&
+			    !changing(name, dns_rdatatype_a, now))
+			{
 				report(view, name, false, &rdata);
 			}
 			result = dns_rdataset_next(&hintrrset);
@ -416,7 +453,9 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
 		while (result == ISC_R_SUCCESS) {
 			dns_rdata_reset(&rdata);
 			dns_rdataset_current(&rootrrset, &rdata);
-			if (!inrrset(&hintrrset, &rdata)) {
+			if (!inrrset(&hintrrset, &rdata) &&
+			    !changing(name, dns_rdatatype_aaaa, now))
+			{
 				report(view, name, true, &rdata);
 			}
 			dns_rdata_reset(&rdata);
@ -426,7 +465,9 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
 		while (result == ISC_R_SUCCESS) {
 			dns_rdata_reset(&rdata);
 			dns_rdataset_current(&hintrrset, &rdata);
-			if (!inrrset(&rootrrset, &rdata)) {
+			if (!inrrset(&rootrrset, &rdata) &&
+			    !changing(name, dns_rdatatype_aaaa, now))
+			{
 				report(view, name, false, &rdata);
 			}
 			dns_rdata_reset(&rdata);