About root zones
Lightner, Jeff
JLightner at water.com
Wed Dec 21 14:06:37 UTC 2011
"if a root zone is not defined in named.conf"
I wonder if you really do NOT want to ever hit root zones you could make your own entry in named.conf that points to localhost for root zone and thereby avoid hitting any real root?
-----Original Message-----
From: bind-users-bounces+jlightner=water.com at lists.isc.org [mailto:bind-users-bounces+jlightner=water.com at lists.isc.org] On Behalf Of Peter Andreev
Sent: Wednesday, December 21, 2011 4:05 AM
To: bind-users at lists.isc.org
Subject: Re: About root zones
2011/12/21 Matus UHLAR - fantomas <uhlar at fantomas.sk>:
>>>> 2011/12/20 Mark Andrews <marka at isc.org>:
>>>>>
>>>>> Named has a compiled in set of root hints. It is used if
>>>>> a root zone is not defined in named.conf.
>
>
>>> On 20.12.11 17:37, Peter Andreev wrote:
>>>>
>>>> Whether it means that without hint zone named still can perform
>>>> iterative lookups for its internal purposes?
>
>
>> 2011/12/20 Matus UHLAR - fantomas <uhlar at fantomas.sk>:
>>>
>>> yes.
>
>
> On 21.12.11 12:17, Peter Andreev wrote:
>>
>> This fact is really disappointing.
>
>
> well, it's needed for proper functionality. What exactly seems to be your
> problem?
Well, we run a bunch of authoritative-only slave servers and obviously
they don't have to perform any kind of lookups.
Some time ago user complained that one of these slave servers
responses with wrong data. My colleague tried to investigate this
issue, but without any success. Just in case we disabled
"additional-from-cache".
That's why any sort of internal lookups looks very suspicious for me.
>
> Note that
> - only clients that are allowed to recurse are able to see date
> the "type hint" zone
> - only clients from local networks are allowed to recurse by default.
> You can tune this by configuring the "allow-recursion" option.
>
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Atheism is a non-prophet organization.
> _______________________________________________
>
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
--
AP
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Athena®, Created for the Cause(tm)
Making a Difference in the Fight Against Breast Cancer
---------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------
More information about the bind-users
mailing list