Add a root to an Internal DNS server
Jim Reid
jim at rfc1035.com
Fri Jan 21 11:02:18 UTC 2000
>>>>> "Soraya" == Soraya Hassanaly <SHassanaly at siticom.fr> writes:
Soraya> Hi All, I have an Internal DNS, which I was told seemed to
Soraya> work without any root configured on it.
There will probably be a lot of complaints in the name server logs
about not being able to find the root zone. Name servers need to know
where the root name servers are located.
Soraya> The current internal domain is xxxx.net. If I want to add another
Soraya> domain - yyyy.org - and make some delegation for it, I
Soraya> think I have to add the root domain and then configure the
Soraya> delegation.
Indeed.
Soraya> But how do I add the root domain in the DNS?
The same way as you'd do any other domain. Create a zone file for it
and appropriate zone statements for it in named.conf:
	// this server is the master for the root zone
	zone "." {
		type master;
		file "root";
	};
The root zone file could look something like:
	$TTL 86400
	.		IN SOA	ns.xxx.net. hostmaster.xxx.net. (
				serial
				refresh
				retry
				expire
				minTTL
				)
	; name server for the root zone itself (a zone needs an NS record at its apex)
	.		IN NS	ns.xxx.net.
	; delegation for xxx.net
	xxx.net.	IN NS	ns.xxx.net.
	xxx.net.	IN NS	ns.yyy.org.
	; delegation for yyy.org
	yyy.org.	IN NS	ns.xxx.net.
	yyy.org.	IN NS	ns.yyy.org.
	; glue for the above NS records (addresses, so type A)
	ns.xxx.net.	IN A	10.9.8.7
	ns.yyy.org.	IN A	10.11.12.13
Note that the root zone file above delegates straight to xxx.net and
yyy.org: there is no need for an explicit delegation of the .org and
.net zones.
Remember that if your name server is authoritative for ".", there's no
need for a hints zone and named.cache file for the root zone.
Soraya> What are the impacts?
Anyone querying this name server will only see your internal name
space, not the Internet. This is usually why people set up their own
root zone on their internal network. And you'd better make sure that
details of your internal root don't leak out to something that's on
the Internet.
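An added example, not part of the original message and not BIND code: a small lint for an internal root zone file of the kind sketched above. Because every name lives under ".", each NS target needs an address record in this same file, and an NS record must name a host rather than carry an address. The function names and the sample zone are constructed for illustration, and the parser assumes fully qualified names with one record per line.

```python
import ipaddress

# Constructed sample: an internal root zone with one glue record typed NS by mistake.
SAMPLE_ZONE = """\
$TTL 86400
.            IN SOA ns.xxx.net. hostmaster.xxx.net. ( 1 3600 900 604800 86400 )
.            IN NS  ns.xxx.net.
xxx.net.     IN NS  ns.xxx.net.
yyy.org.     IN NS  ns.yyy.org.
ns.xxx.net.  IN A   10.9.8.7
ns.yyy.org.  IN NS  10.11.12.13   ; wrong type: an address belongs in an A record
"""

def parse_records(text):
    """Yield (owner, rtype, first rdata field) for 'owner IN type rdata' lines."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) >= 4 and fields[1].upper() == "IN":
            yield fields[0].lower(), fields[2].upper(), fields[3]

def is_ip(value):
    """True if value parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def lint_internal_root(text):
    """Return a sorted list of problems found in an internal root zone file."""
    records = list(parse_records(text))
    problems = []
    # A zone with no NS record at its apex will not load.
    if not any(owner == "." and rtype == "NS" for owner, rtype, _ in records):
        problems.append("no NS record at the zone apex '.'")
    # Names that have an address record in this file.
    with_address = {owner for owner, rtype, _ in records if rtype in ("A", "AAAA")}
    for owner, rtype, rdata in records:
        if rtype != "NS":
            continue
        if is_ip(rdata):
            problems.append(f"{owner} NS points at address {rdata}; NS takes a host name")
        elif rdata.lower() not in with_address:
            problems.append(f"{owner} NS {rdata} has no address record in this file")
    return sorted(problems)

if __name__ == "__main__":
    for problem in lint_internal_root(SAMPLE_ZONE):
        print(problem)
```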