Non-Internet "named.ca" file root hint.
Kevin Darcy
kcd at daimlerchrysler.com
Mon Jan 9 22:33:34 UTC 2006
Peter Dambier wrote:
>I have even seen somebody putting MX records in the root but no, that
>is no good idea and stay away from CNAME records too.
>
>
FUD.
I use wildcard MX records in our internal root zone without problems. I
wouldn't have any qualms about putting CNAMEs in there too, although
there hasn't been a request for that...
The most noticeable quirk about having wildcard MX records in the root
zone is that one tends to get NODATA rather than NXDOMAIN responses for
names under those wildcards. Occasionally this causes a little confusion
for certain "power users" who know enough to run nslookup from the
command-line but not enough to understand the NODATA/NXDOMAIN
distinction, but AFAIK nothing has broken from it. The big benefit of
the wildcard MXes is that I get to control our SMTP mail routing
centrally and with plenty of granularity.
For very small internal DNS setups, I'd recommend putting *everything*
-- even the in-addr.arpa stuff -- into a single root zone just to keep
things simple. And make all of the BIND instances slaves of that zone.
This doesn't scale very well, of course, but is easy to maintain and
might be appropriate for a small company with only a part-time, perhaps
inexperienced DNS administrator.
- Kevin
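
Added example, not part of the original message: a minimal Python model of RFC 4592 wildcard lookup in one authoritative zone (no delegations or CNAMEs), showing where the NODATA/NXDOMAIN difference described above comes from. The zone contents and every name in it are constructed for illustration.

```python
# Constructed internal root zone: owner name -> record types present.
# All names are made up; this is not the poster's configuration.
ZONE = {
    ".": {"SOA", "NS"},
    "*.": {"MX"},          # wildcard MX directly under the root
    "*.plant.": {"MX"},    # finer-grained wildcard for one subtree
    "ns1.corp.": {"A"},    # makes "corp." an empty non-terminal
}


def labels(name):
    """'a.b.' -> ('a', 'b'); the root '.' -> ()."""
    return tuple(part for part in name.lower().split(".") if part)


OWNERS = {labels(n): types for n, types in ZONE.items()}


def exists(name):
    """A name exists if it owns records or has any descendant that does."""
    return any(o[len(o) - len(name):] == name
               for o in OWNERS if len(o) >= len(name))


def lookup(qname, qtype):
    """Return 'NOERROR' (answer), 'NODATA' or 'NXDOMAIN' for the query."""
    q = labels(qname)
    if exists(q):
        node = q
    else:
        # Closest encloser: the longest ancestor of qname that exists.
        encloser = next(q[i:] for i in range(1, len(q) + 1) if exists(q[i:]))
        node = ("*",) + encloser      # source of synthesis
        if node not in OWNERS:
            return "NXDOMAIN"         # no wildcard at the closest encloser
    # The name (or its wildcard) exists; only the type may be missing.
    return "NOERROR" if qtype in OWNERS.get(node, ()) else "NODATA"


if __name__ == "__main__":
    for qname, qtype in [("host.example.", "MX"), ("host.example.", "A"),
                         ("line3.plant.", "MX"), ("typo.corp.", "A"),
                         ("corp.", "MX"), ("ns1.corp.", "A")]:
        print(f"{qname:15} {qtype:3} -> {lookup(qname, qtype)}")
```

A name that matches a wildcard is treated as existing, so a query for a type the wildcard lacks returns NODATA. NXDOMAIN still appears under a subtree that exists but has no wildcard of its own, as with typo.corp. here.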