On Mon, Nov 10, 2014 at 05:27:08PM +0000, Evan Hunt wrote:
> Attached is a sample named.conf configuration which implements this using a
> "root" view for the root zone slave, and a "recursive" view for recursion.
> DNSSEC validation works correctly and the root zone will sync correctly.
One of these days I want to write a mail client that checks for the word
"attached" and refuses to let me hit send until I attach something.
--
Evan Hunt -- [email protected]
Internet Systems Consortium, Inc.
options {
directory "/etc/bind";
listen-on { any; };
listen-on-v6 { any; };
};
view root {
match-destinations { 127.0.0.1; };
zone "." {
type slave;
file "rootzone.db";
notify no;
masters {
# b.root-servers.net
192.228.79.201;
2001:500:84::b;
# c.root-servers.net
192.33.4.12;
2001:500:2::c;
# f.root-servers.net
192.5.5.241;
2001:500:2f::f;
# g.root-servers.net
192.112.36.4;
# k.root-servers.net
193.0.14.129;
2001:7fd::1;
};
};
};
view recursive {
dnssec-validation auto;
allow-recursion { localnets; };
recursion yes;
zone "." {
type static-stub;
server-addresses { 127.0.0.1; };
};
};
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
