Disable Root Hints

Eric Reischer emr at engr.de.psu.edu
Thu Oct 23 19:33:08 UTC 2008


Greetings all.  I have a private network that is not (and will not ever 
be) connected to the Internet, but I want to set up an internal DNS 
server to help navigating between machines.  I've successfully set up my 
domain (foo.com, let's say) root file and the server is answering 
queries to it dutifully, but I want to disable fallover to the 
root-servers in the event the local server cannot resolve a name (since 
they'll never be reachable).  However, it seems that newer versions of 
BIND9 actually have the root servers primed in the program at 
compile-time, irrespective of the root hints file.

My question is, will it be sufficient to create a new root hints file 
that has [A-M].ROOT-SERVERS.NET all defined as 192.168.0.2 (my BIND9 
server's address), or will some other method be more prudent?  Will this 
create a circular reference?  My goal is to have the server return an 
NXDOMAIN rather than a SERVFAIL on a query to a host that isn't in the 
local table.  The other thought I had was to create zone files for 
"com", "net", "edu", etc., and have them all empty.

Thanks.


