Merge branch '4101-update-b-root-server-net-addresses' into 'main'

Resolve "Update b.root-server.net addresses" Closes #4101 See merge request isc-projects/bind9!8371
2026-03-23 02:43:17 -04:00 · 2023-10-20 03:44:36 +00:00 · 2023-10-20 03:44:36 +00:00 · 30e182ea56
commit 30e182ea56
parent 2728b8100c c7a06b1fa1
4 changed files with 55 additions and 8 deletions
--- a/3
+++ b/3
@ -1,3 +1,6 @@
+6269.	[maint]		B.ROOT-SERVERS.NET addresses are now 170.247.170.2 and
+			2801:1b8:10::b. [GL #4101]
+
 6268.	[func]		Offload the IXFR and AXFR processing to unblock
 			the networking threads. [GL #4367]

--- a/bin/named/config.c
+++ b/bin/named/config.c
@ -328,14 +328,14 @@ dnssec-policy \"insecure\" {\n\
 			    "# END TRUST ANCHORS\n\
 \n\
 primaries " DEFAULT_IANA_ROOT_ZONE_PRIMARIES " {\n\
-	2001:500:200::b;	# b.root-servers.net\n\
+	2801:1b8:10::b;		# b.root-servers.net\n\
 	2001:500:2::c;		# c.root-servers.net\n\
 	2001:500:2f::f;		# f.root-servers.net\n\
 	2001:500:12::d0d;	# g.root-servers.net\n\
 	2001:7fd::1;		# k.root-servers.net\n\
 	2620:0:2830:202::132;	# xfr.cjr.dns.icann.org\n\
 	2620:0:2d0:202::132;	# xfr.lax.dns.icann.org\n\
-	199.9.14.201;		# b.root-servers.net\n\
+	170.247.170.2;		# b.root-servers.net\n\
 	192.33.4.12;		# c.root-servers.net\n\
 	192.5.5.241;		# f.root-servers.net\n\
 	192.112.36.4;		# g.root-servers.net\n\
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@ -51,6 +51,9 @@ Feature Changes
  zones will no longer create redundant signed versions of the zone.
  :gl:`#4349`

+- B.ROOT-SERVERS.NET addresses are now 170.247.170.2 and 2801:1b8:10::b.
+  :gl:`#4101`
+
 Bug Fixes
 ~~~~~~~~~

--- a/lib/dns/rootns.c
+++ b/lib/dns/rootns.c
@ -34,6 +34,9 @@
 #include <dns/rootns.h>
 #include <dns/view.h>

+/*
+ * Also update 'upcoming' when updating 'root_ns'.
+ */
 static char root_ns[] =
 	";\n"
 	"; Internet Root Nameservers\n"
@ -54,8 +57,8 @@ static char root_ns[] =
 	".                       518400  IN      NS      M.ROOT-SERVERS.NET.\n"
 	"A.ROOT-SERVERS.NET.     3600000 IN      A       198.41.0.4\n"
 	"A.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:503:BA3E::2:30\n"
-	"B.ROOT-SERVERS.NET.     3600000 IN      A       199.9.14.201\n"
-	"B.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:500:200::b\n"
+	"B.ROOT-SERVERS.NET.     3600000 IN      A       170.247.170.2\n"
+	"B.ROOT-SERVERS.NET.     3600000 IN      AAAA    2801:1b8:10::b\n"
 	"C.ROOT-SERVERS.NET.     3600000 IN      A       192.33.4.12\n"
 	"C.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:500:2::c\n"
 	"D.ROOT-SERVERS.NET.     3600000 IN      A       199.7.91.13\n"
@ -79,6 +82,24 @@ static char root_ns[] =
 	"M.ROOT-SERVERS.NET.     3600000 IN      A       202.12.27.33\n"
 	"M.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:DC3::35\n";

+static unsigned char b_data[] = "\001b\014root-servers\003net";
+static unsigned char b_offsets[] = { 0, 2, 15, 19 };
+
+static struct upcoming {
+	const dns_name_t name;
+	dns_rdatatype_t type;
+	isc_stdtime_t time;
+} upcoming[] = { {
+			 .name = DNS_NAME_INITABSOLUTE(b_data, b_offsets),
+			 .type = dns_rdatatype_a,
+			 .time = 1701086400 /* November 27 2023, 12:00 UTC */
+		 },
+		 {
+			 .name = DNS_NAME_INITABSOLUTE(b_data, b_offsets),
+			 .type = dns_rdatatype_aaaa,
+			 .time = 1701086400 /* November 27 2023, 12:00 UTC */
+		 } };
+
 static isc_result_t
 in_rootns(dns_rdataset_t *rootns, dns_name_t *name) {
 	isc_result_t result;
@ -335,6 +356,18 @@ inrrset(dns_rdataset_t *rrset, dns_rdata_t *rdata) {
 	return (false);
 }

+static bool
+changing(const dns_name_t *name, dns_rdatatype_t type, isc_stdtime_t now) {
+	for (size_t i = 0; i < ARRAY_SIZE(upcoming); i++) {
+		if (upcoming[i].time > now && upcoming[i].type == type &&
+		    dns_name_equal(&upcoming[i].name, name))
+		{
+			return (true);
+		}
+	}
+	return (false);
+}
+
 /*
 * Check that the address RRsets match.
 *
@ -366,7 +399,9 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
 		while (result == ISC_R_SUCCESS) {
 			dns_rdata_reset(&rdata);
 			dns_rdataset_current(&rootrrset, &rdata);
-			if (!inrrset(&hintrrset, &rdata)) {
+			if (!inrrset(&hintrrset, &rdata) &&
+			    !changing(name, dns_rdatatype_a, now))
+			{
 				report(view, name, true, &rdata);
 			}
 			result = dns_rdataset_next(&rootrrset);
@ -375,7 +410,9 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
 		while (result == ISC_R_SUCCESS) {
 			dns_rdata_reset(&rdata);
 			dns_rdataset_current(&hintrrset, &rdata);
-			if (!inrrset(&rootrrset, &rdata)) {
+			if (!inrrset(&rootrrset, &rdata) &&
+			    !changing(name, dns_rdatatype_a, now))
+			{
 				report(view, name, false, &rdata);
 			}
 			result = dns_rdataset_next(&hintrrset);
@ -414,7 +451,9 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
 		while (result == ISC_R_SUCCESS) {
 			dns_rdata_reset(&rdata);
 			dns_rdataset_current(&rootrrset, &rdata);
-			if (!inrrset(&hintrrset, &rdata)) {
+			if (!inrrset(&hintrrset, &rdata) &&
+			    !changing(name, dns_rdatatype_aaaa, now))
+			{
 				report(view, name, true, &rdata);
 			}
 			dns_rdata_reset(&rdata);
@ -424,7 +463,9 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
 		while (result == ISC_R_SUCCESS) {
 			dns_rdata_reset(&rdata);
 			dns_rdataset_current(&hintrrset, &rdata);
-			if (!inrrset(&rootrrset, &rdata)) {
+			if (!inrrset(&rootrrset, &rdata) &&
+			    !changing(name, dns_rdatatype_aaaa, now))
+			{
 				report(view, name, false, &rdata);
 			}
 			dns_rdata_reset(&rdata);