Slaving root zone?
Terrence Koeman
root at mediamonks.net
Wed Sep 5 19:55:16 UTC 2001
OK, lets make things clear. I'm currently running MS-DNS, which slaves '.'
perfectly.
The zone that I slave is the ORSC root, which includes the ICANN root:
-------------------------
. IN SOA A.ROOT-SERVERS.ORSC. HOSTMASTER.A.ROOT-SERVERS.ORSC (
2001081503 ;serial
; YYYYMMDDss
10800 ;refresh every 3 hours
900 ;retry every 15 minutes
604800 ;expire after a week
86400 ;minimum of a day
)
;
; Other servers in our confederation
;
A.ROOT-SERVERS.ORSC. 172800 A 199.166.24.1 ; RJS
B.ROOT-SERVERS.ORSC. 172800 A 216.13.126.116 ; RJS/JH
C.ROOT-SERVERS.ORSC. 172800 A 216.196.51.3 ; GM
D.ROOT-SERVERS.ORSC. 172800 A 204.80.125.130 ; SH
E.ROOT-SERVERS.ORSC. 172800 A 195.117.6.10 ; KC
F.ROOT-SERVERS.ORSC. 172800 A 199.166.31.3 ; DW
G.ROOT-SERVERS.ORSC. 172800 A 199.166.31.250 ; DW
H.ROOT-SERVERS.ORSC. 172800 A 199.5.157.128 ; JP
I.ROOT-SERVERS.ORSC. 172800 A 204.57.55.100 ; AS
J.ROOT-SERVERS.ORSC. 172800 A 213.196.2.97 ; MS
K.ROOT-SERVERS.ORSC. 172800 A 193.218.215.94 ; MG
. 172800 IN NS A.ROOT-SERVERS.ORSC.
. 172800 IN NS B.ROOT-SERVERS.ORSC.
. 172800 IN NS C.ROOT-SERVERS.ORSC.
. 172800 IN NS D.ROOT-SERVERS.ORSC.
. 172800 IN NS E.ROOT-SERVERS.ORSC.
. 172800 IN NS F.ROOT-SERVERS.ORSC.
. 172800 IN NS G.ROOT-SERVERS.ORSC.
. 172800 IN NS H.ROOT-SERVERS.ORSC.
. 172800 IN NS I.ROOT-SERVERS.ORSC.
. 172800 IN NS J.ROOT-SERVERS.ORSC.
. 172800 IN NS K.ROOT-SERVERS.ORSC.
[snip]
COM. 172800 IN NS A.GTLD-SERVERS.NET.
COM. 172800 IN NS H.GTLD-SERVERS.NET.
COM. 172800 IN NS G.GTLD-SERVERS.NET.
COM. 172800 IN NS C.GTLD-SERVERS.NET.
COM. 172800 IN NS I.GTLD-SERVERS.NET.
COM. 172800 IN NS B.GTLD-SERVERS.NET.
COM. 172800 IN NS D.GTLD-SERVERS.NET.
COM. 172800 IN NS L.GTLD-SERVERS.NET.
COM. 172800 IN NS F.GTLD-SERVERS.NET.
COM. 172800 IN NS J.GTLD-SERVERS.NET.
COM. 172800 IN NS K.GTLD-SERVERS.NET.
COM. 172800 IN NS E.GTLD-SERVERS.NET.
COM. 172800 IN NS M.GTLD-SERVERS.NET.
[snip]
-------------------------
The DNS server I'm running is a rootserver for this root and is also a full
public resolver (recursive). It consists of 2 load-balanced servers and
handles about 50 million queries a day.
If I'm gonna change to BIND, it has to be able to slave the zone '.'. In
_general_ it has to be able to slave the zone '.', because it is just
another zone!
Regards,
Terrence Koeman
-----Original Message-----
From: Danny Mayer [mailto:mayer at gis.net]
Sent: Wednesday, September 05, 2001 21:36
To: Marc C Storck; root at mediamonks.net; bind-users at isc.org
Subject: Re: Slaving root zone?
At 01:56 PM 9/5/01, Marc C Storck wrote:
>>You're doing something wrong. The root zone is of type hint and has no
masters.
>>The zone name "mediamonks.net" doesn't need the trailing period, there's
an
>>ending comment "*/" at the end of the logging clause. You should be
looking
>>at what named.run says as well as what's in the application event log for
details
>>of what's wrong.
>That's just not 100% correct ROOT-SERVERS do slave the "." (root) zone.
You're misreading this. What the root servers do is not relevant here.
What
he has done is turn his own server into a root server and it will never
query anywhere
else for a top-level domain (.com,.net, etc) since he's made his own BIND
server
authorative. Since the db.root file will only contain the list of root
servers it will
never find any of these TLD's.
>And that is just what he is trying to do!
That's not what he should be doing.
Danny
More information about the bind-users
mailing list