BIND 9.x and hint file
Hi All, I thought with some version of BIND 9, one no longer needed a root hints file. I can't recall the details and my google searches are finding how to set up a hints file (instead of suggesting this is, say, deprecated). Can someone shed some light on this? Thanks ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: BIND 9.x and hint file
On Aug 31 2009, Fr34k wrote: I thought with some version of BIND 9, one no longer needed a root hints file. I can't recall the details and my google searches are finding how to set up a hints file (instead of suggesting this is, say, deprecated). Can someone shed some light on this? BIND has had a compiled-in hints file (for class IN) that it will use if none is provided via the configuration file, since (I think) 9.2.0. Anyway, if you are still running any version that doesn't have it, you have worse problems. Of course, an old version of BIND may have an out-of-date compiled-in hints file. Usually this doesn't matter too much. There will be warnings logged if BIND finds that what it gets from the root servers doesn't match what is in the hints file (whether compiled-in of externally-provided), and it will subsequently believe the former. Of course, you need an external hints file if you are using a fake root for a network isolated from the Internet. Otherwise, it's largely a matter of taste. Personally, I prefer to keep one in my configurations for the small amount of extra flexibility that provides. -- Chris Thompson Email: c...@cam.ac.uk ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: BIND 9.x and hint file
That's exactly what I was recalling -- thanks for your time and response Mr. Reed. - Original Message From: Jeremy C. Reed jr...@isc.org To: Fr34k freaknet...@yahoo.com Cc: Bindlist bind-us...@isc.org Sent: Monday, August 31, 2009 12:37:05 PM Subject: Re: BIND 9.x and hint file On Mon, 31 Aug 2009, Fr34k wrote: I thought with some version of BIND 9, one no longer needed a root hints file. I can't recall the details and my google searches are finding how to set up a hints file (instead of suggesting this is, say, deprecated). Can someone shed some light on this? I am not sure what you are asking for. The ARM documentation says about hint zone: The initial set of root name servers is specified using a hint zone. When the server starts up, it uses the root hints to find a root name server and get the most recent list of root name servers. If no hint zone is specified for class IN, the server uses a compiled-in default set of root servers hints. Classes other than IN have no built-in defaults hints. The CHANGES entry is: 701. [func] Root hints are now fully optional. Class IN views use compiled-in hints by default, as before. Non-IN views with no root hints now provide authoritative service but not recursion. A warning is logged if a view has neither root hints nor authoritative data for the root. [RT #696] (That was in 9.2.0.) The built-in hints are in the source code at ./lib/dns/rootns.c ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: BIND 9.x and hint file
Thank you Chris! This is what I was looking for. - Original Message From: Chris Thompson c...@cam.ac.uk To: Fr34k freaknet...@yahoo.com Cc: Bind Users Mailing List bind-users@lists.isc.org Sent: Monday, August 31, 2009 12:33:57 PM Subject: Re: BIND 9.x and hint file On Aug 31 2009, Fr34k wrote: I thought with some version of BIND 9, one no longer needed a root hints file. I can't recall the details and my google searches are finding how to set up a hints file (instead of suggesting this is, say, deprecated). Can someone shed some light on this? BIND has had a compiled-in hints file (for class IN) that it will use if none is provided via the configuration file, since (I think) 9.2.0. Anyway, if you are still running any version that doesn't have it, you have worse problems. Of course, an old version of BIND may have an out-of-date compiled-in hints file. Usually this doesn't matter too much. There will be warnings logged if BIND finds that what it gets from the root servers doesn't match what is in the hints file (whether compiled-in of externally-provided), and it will subsequently believe the former. Of course, you need an external hints file if you are using a fake root for a network isolated from the Internet. Otherwise, it's largely a matter of taste. Personally, I prefer to keep one in my configurations for the small amount of extra flexibility that provides. -- Chris Thompson Email: c...@cam.ac.uk ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Invalid lan. and local. TLDs
On Sat, 2009-08-29 at 13:24 +1000, Mark Andrews wrote: Or one can just configure your recursive server as a stealth slave of the root zone. You make a qery every hour or so and transfer it twice a day. I have been wondering how to do a transfer twice a day without having to write something (albeit it would probably be a simple shell script). I have been running a root zone transfer on my home PC today by using: min-refresh-time 14400; // 4 hours notify no; This seems to work well enough, but for some reason it has done transfers (or at least SOA checks) every 3 hours! I have run tcpdump on the network interface to the F root server all day, and hence it shows when the transfers have occurred. So, two things: 1) is this a bug, setting min-refresh-time to 4 hours and it running every 3 hours? 2) Is this a reasonable way to perform a root zone transfer twice a day? (Using a value of 12 hours obviously.) Although we may not have right up to the minute accuracy of the root zone, it would be at most 12 hours out of date, and the DNS locally would still work since the TLD's have multiple NS records (hence we wouldn't lose a TLD unless it had only one NS and that was changed). John. -- -- John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287Fax: +44 (0)1752 587001 ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
