root and in-addr.arpa zone transfers
omight
omight at gmail.com
Thu Sep 10 07:40:23 UTC 2009
Apparently FreeBSD only slaves F.ROOT-SERVERS.NET in it's default
configuration for bind:
http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/namedb/named.conf
http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/namedb/named.conf?rev=1.21.2.9;content-type=text%2Fplain
<SNIP>
/* Slaving the following zones from the root name servers has some
significant advantages:
1. Faster local resolution for your users
2. No spurious traffic will be sent from your network to the roots
3. Greater resilience to any potential root server failure/DDoS
On the other hand, this method requires more monitoring than the
hints file to be sure that an unexpected failure mode has not
incapacitated your server. Name servers that are serving a lot
of clients will benefit more from this approach than individual
hosts. Use with caution.
To use this mechanism, uncomment the entries below, and comment
the hint zone above.
*/
/*
zone "." {
type slave;
file "slave/root.slave";
masters {
192.5.5.241; // F.ROOT-SERVERS.NET.
};
notify no;
};
zone "arpa" {
type slave;
file "slave/arpa.slave";
masters {
192.5.5.241; // F.ROOT-SERVERS.NET.
};
notify no;
};
<SNIP>
2009/9/9 Matus UHLAR - fantomas <uhlar at fantomas.sk>:
> On 09.09.09 11:00, Rick Dicaire wrote:
>> On Wed, Sep 9, 2009 at 10:51 AM, Rich Goodson <rgoodson at gronkulator.com> wrote:
>> > zone "." {
>> > type slave;
>> > file "slave/root.slave";
>> > masters {
>> > 192.33.4.12; // C.ROOT-SERVERS.NET.
>> > 192.112.36.4; // G.ROOT-SERVERS.NET.
>> > 193.0.14.129; // K.ROOT-SERVERS.NET.
>> > };
>> > notify no;
>> > };
>>
>> Interesting....can any of the root servers be used, or must it be just
>> these three?
>
> you can try dig axfr from all of them but many of them don't allow
> transfers. I guess he already did it and above is list of servers that do
> allow transfers...
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Due to unexpected conditions Windows 2000 will be released
> in first quarter of year 1901
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
More information about the bind-users
mailing list