private network hints

Kevin Darcy kcd at daimlerchrysler.com
Fri Mar 18 01:45:30 UTC 2005 

KD5ZMG,
        BIND needs access to an actual root zone, period, end of sentence. In the absence of being able to talk to the root servers directly, you need to either a) forward, or b) be authoritative (master or slave) for the root zone yourself. Your hints file, if any, must contain only NS records for root servers, and their associated A records. And at least one of those servers must actually respond for the root zone, otherwise named is going to be very unhappy.


It's not clear what these "other domains" are that you're talking about. 
If you mean Internet domains, then, as the previous poster pointed out, 
you should probably set up forwarding if you don't have direct 
connectivity to the Internet DNS. If, however, by "other domains" you 
mean zones hosted on other servers in your private network, then you 
should try and find out if any of those servers run an internal root 
zone. If they do, then you might be able to point the contents of your 
hints file to those servers (or make yourself a slave for that root 
zone, if they let you). If not, you may need to set yourself up as 
master for your own root zone, and then just delegate the relevant zones 
from that zone to the appropriate internal servers.

                                                                         
                              - Kevin


Schroeder, AJ wrote:

>"KD5ZMG" <my00sc00by at yahoo.com> wrote in message
>news:d1cr7a$2k84$1 at sf1.isc.org...
>  
>
>>I am setting up a private network that is not going to
>>talk to the root servers on the internet.  Can I
>>create a hints file that points to the other domains
>>and will BIND look at this file to resolve the other
>>domain names that I define in that custom hints file?
>>
>>TY...
>>
>>Mark C.
>>
>>
>>
>>    
>>
>In my experience hints are hints, and whatever information you put in there
>BIND will attempt to query no matter what. BIND's bigget concern is that it
>actually *has* a hints file rather than what is in the hints file.
>
>Out of curiosity, why are you setting your server up this way? If this is a
>secondary server, wouldn't forwarding be a better option?
>
>AJ
>
>
>
>
>
>  
>

More information about the bind-users mailing list