Root Hints Data File for a .local Domain
Kevin Darcy
kcd at chrysler.com
Wed Mar 9 19:11:12 UTC 2011
On 3/9/2011 8:32 AM, Tony MacDoodle wrote:
> Hello,
>
> I am currently running BIND 9.6.1-P3 and it works fine. My question is
> regarding the db.cache file. I am only running a local domain
> (apps.local) that does not access the internet for resolution. My
> current root hints file is from Internic.
>
> 1) Can I use a stripped version of the named.root file?
>
> 2) Do I need it at all for a local domain?
>
If you're on a completely isolated network, with a DNS-consumer
population of any significant size, you should set up your own root
zone, along with defining slaves, setting up master/slave replication,
and publishing all available nameservers in the NS records of the root
zone. If, after you've built up that core authoritative infrastructure,
you want any of your "edge" resolvers to be "caching-only", i.e. with a
minimal config, then you'd configure them with a root "hints" file, but
it wouldn't contain the same contents as the one from Internic -- it
would contain references to your own internal root nameservers, along
with their internal addresses.
Someone suggested that ".local" might be problematic, but we've been
using various ".local" domains in our internal DNS for years -- not my
choice, this is from the Active Directory team of one of our business
partners -- and not run into any problems so far.
- Kevin
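
The layout described in the reply above, sketched as BIND configuration. This is an added example, not part of the original post; the host names (ns1.root.internal and so on), the 10.0.0.0/8 addresses, the serial number and the file names are all constructed for illustration.

```conf
// ---- named.conf on the internal root master (10.0.0.1, constructed) ----
options { recursion no; };            // authoritative only
zone "." {
    type master;
    file "db.root.internal";          // the internal root zone, shown below
    allow-transfer { 10.0.0.2; };     // only the slave may pull the zone
};

// ---- named.conf on the internal root slave (10.0.0.2, constructed) ----
options { recursion no; };
zone "." {
    type slave;
    masters { 10.0.0.1; };
    file "slaves/db.root.internal";
};

; ---- db.root.internal: the internal root zone (zone-file syntax) ----
$TTL 86400
.                   IN SOA ns1.root.internal. hostmaster.root.internal. 1 3600 900 604800 86400
.                   IN NS  ns1.root.internal.   ; publish every root server
.                   IN NS  ns2.root.internal.
ns1.root.internal.  IN A   10.0.0.1
ns2.root.internal.  IN A   10.0.0.2
apps.local.         IN NS  ns1.apps.local.      ; delegation to the apps.local servers
ns1.apps.local.     IN A   10.0.0.10            ; glue for the delegation

// ---- named.conf on a caching-only "edge" resolver ----
options {
    recursion yes;
    allow-recursion { 10.0.0.0/8; };  // internal clients only
};
zone "." {
    type hint;
    file "db.cache.internal";         // replaces the Internic named.root
};

; ---- db.cache.internal: hints pointing at the internal roots ----
.                   3600000 IN NS ns1.root.internal.
.                   3600000 IN NS ns2.root.internal.
ns1.root.internal.  3600000 IN A  10.0.0.1
ns2.root.internal.  3600000 IN A  10.0.0.2
```

Each section is a separate file on a separate host. Running `named-checkconf` on each named.conf and `named-checkzone . db.root.internal` on the root zone file catches syntax errors before the servers are reloaded.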