continous DNS query to ROOT DNS server

Mark Andrews marka at isc.org
Wed Apr 27 00:19:05 UTC 2011 

In message <Prayer.1.3.3.1104262020310.15088 at hermes-2.csi.cam.ac.uk>, Chris Tho
mpson writes:
> On Apr 26 2011, Eivind Olsen wrote:
> 
> >Chris Buxton wrote:
> >
> >> Create RFC 1918 reverse zones for whatever parts of this address space
> >> you're using.
> >> Newer versions of BIND will do this automatically for you -- the zones
> >> are created without content. What version of BIND are you using?
> >
> >Hm, anyone know which versions? The BIND 9.8 ARM has a section about
> >built-in empty zones, where it for example says "In particular, these
> >cover the reverse namespace for addresses from RFC 1918 and RFC 3330.",
> >then goes on to list several zones which are _not_ what I normally think
> >of when someone mention RFC 1918.
> 
> The text has been the same for several releases, and it is fairly likely
> to lead to confusion:
> 
> | Named has some built-in empty zones (SOA and NS records only). These
> | are for zones that should normally be answered locally and which queries
> | should not be sent to the Internet's root servers. The official servers
> | which cover these namespaces return NXDOMAIN responses to these queries.
> | In particular, these cover the reverse namespace for addresses from
> | RFC 1918 and RFC 3330. They also include the reverse namespace for
> | IPv6 local address (locally assigned), IPv6 link local addresses,
> | the IPv6 loopback address and the IPv6 unknown address.
> 
> Is it "the official servers which cover these namespaces" for the RFC 1918
> addresses that return NXDOMAIN (true, the AS112 project), or the automatic
> empty zones that do the same locally (false, even in 9.8.0, without source
> modifications)? Referencing RFC 3330 muddies the issue even more, as most
> of the addresses listed there, *except* the RFC 1918 ones, *are* covered
> by automatic empty zones.
> 
> I think ISC need to do a bit of work on the documentation here.

The RFC 1918 zones have been waiting on
draft-ietf-dnsop-default-local-zones (-15 is the latest) to clear
the IETF.  Its been a loooooooong process.  The draft is finally
in IETF last call.  We needed to wait on the other chair to do the
proto writeup to avoid conflict of interest issues with Rob,
initially, and now Stephen doing the writeup.

Various vendors said they needed a RFC before they could ship this
as a default for the RFC 1918 namespace.  There are RFCs covering
some of the other parts that are turned on saying to do this.  This
is why those zones are "#ifdef notyet".

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list