>> again: one or two. simple. impact.
>
> Great question Randy. For a bind resolver adding
>
> zone "." { type mirror; };
>
> to your local configuration will have a useful
> impact. simple. immediate.
This is getting into the weeds with BIND config, but won't an
administrator also have to comment out any "type hint" root zone
configuration at the same time? I would not have expected to be
able to have both
zone "." { type mirror; file "root.zone"; };
and
zone "." { type hint; file "root.cache"; };
configured simultaneously, and the latter i beleive to be rather
customary.
So what does BIND fall back on if validation of the mirror root zone
should fail or some other problem causes the mirror zone to be
dis-regarded? Built-in root hints, perhaps?
I'm just trying to map out all of the potential failure scenarios, and
convince myself that this is "just as safe as before"...
Regards,
- Håvard
-----
To unsubscribe from this mailing list or change your subscription options,
please visit: https://mailman.ripe.net/mailman3/lists/dns-wg.ripe.net/
As we have migrated to Mailman 3, you will need to create an account with the
email matching your subscription before you can change your settings.
More details at: https://www.ripe.net/membership/mail/mailman-3-migration/
