Bind doesn't stop contacting global ROOT DNS servers after commenting(#) the the root hint zone in named.conf
Ramesh
rameshsahoo11 at gmail.com
Mon Aug 2 15:28:28 UTC 2021
Hello,
I commented the root hint zone section(default) in the named.conf file to
stop bind from communicating to the global root DNS servers and it should
only use the internal forwarders available in the options{} section.
#zone "." IN { # type hint; # file "named.ca";#};
But the BIND still communicates to the ROOT DNS server when the query can't
be answered by the internal forwarders.
- Is this a default behavior?
- Does bind has an inbuilt root hint zone even though the zone is not
defined in the namd.conf file?
*I tried the following workaround and it worked for me.*
Disabled the global forwarders in the options{} section:
/* forwarders { x.x.x.3; x.x.x.2;
x.x.x.1; };*/
Redefined the root hint as a forward type zone
zone "." IN { //type hint; //file "named.ca";
type forward; forward only; forwarders { x.x.x.3;
x.x.x.2; x.x.x.1; };};
Now bind only communicates to the forwarding DNS servers and never tries to
communicate to the global root DNS servers.
- Any side effects with the above setting?
- My org. doesn't allow external DNS communication.
- Any other way to prevent bind communicating the root DNS servers but
only ask the internal forwarders?
--
Thanks & Regards,
Ramesh Sahoo
Mob# 7798014674
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210802/2bc5966e/attachment.htm>
More information about the bind-users
mailing list