>> Just for clarification, do I understand correctly that if none of the >> empty zones described in RFC 6303 are set up explicitly in the bind >> 9.9.0 configuration file, then bind 9.9.0 will process them as such >> anyway using built-in generic zone processing rules?
> Yes. To expand a bit on Mark's answer, all of the namespaces covered by RFC > 6303 have built-in empty zones in BIND 9.9, and these zones are activated by > default in any view that supports recursion. No configuration should be > necessary. > If you want to set up reverse DNS for a private network in a nonroutable > address space, you can go ahead and do so; zones that you configure override > the built-in zones. Thanks. This works as you say if I remove the explicit configuration for the empty zones, as verified by adding the option 'zone-statistics yes;' and running 'rndc stats'. Also I see that bind 9.9.0 uses built-in root hints if those are not explicitly configured. If the root hints are updated on ftp://rs.internic.net/domain/, would it require a new build of bind to incorporate them, or is bind able to update its built-in root hints by some other means? Finally it appears that aside from the built-in empty zones, a forward lookup zone for 'localhost.' is still required to prevent bind from attempting to resolve this name over the Internet. Reverse lookup zones for 127.0.0.1 and ::1 are also required if it is necessary to resolve those addresses to the name 'localhost.' Is it still considered a best practice to explicitly configure these localhost-related zones on recursive resolvers? I see this point addressed in RFC 1912, but don't see anything in RFC 5735 and RFC 6303, which have superseded it. Jeffry A. Spain Network Administrator Cincinnati Country Day School _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
