About root zones
Barry Margolin
barmar at alum.mit.edu
Mon Jan 2 22:03:20 UTC 2012
In article <mailman.656.1325532888.68562.bind-users at lists.isc.org>,
Chuck Swiger <cswiger at mac.com> wrote:

> On Jan 2, 2012, at 2:16 PM, Barry Margolin wrote:
> > If the system resolver is good enough for every other application
> > running on the system, it should be good enough for BIND.
> >
> > Why not at least allow this as an option?
>
> The system resolver will happily provide answers based upon data from
> /etc/hosts, YP/NIS, and LDAP which have no relationship to what is in the
> DNS.

In that case, you probably shouldn't enable the option. I'm not even
suggesting that the option be on by default.

Actually, does libresolv really use those other facilities?
gethostbyname() does, but BIND probably shouldn't use that, because it
loses data like TTLs.

> Every other application on the system is probably not a DNS nameserver. Case

But a DNS nameserver is not the same thing as a DNS client.

> in point: should dig use the system resolver for an /etc/hosts entry and
> pretend that there was an A and PTR record in the DNS?

Of course not, since the purpose of dig is to test DNS queries and show
the internal details.

--
Barry Margolin
Arlington, MA
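
Added example, not part of the original message and not BIND or libresolv code: the remark that gethostbyname() "loses data like TTLs" comes down to struct hostent carrying only names and addresses, while the TTL is a field of every record in the DNS wire answer. The minimal parser below reads it from a constructed response; `skip_name`, `first_a_record` and the sample values (example.test, 192.0.2.1, TTL 300) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
static const uint8_t sample_response[] = { /* constructed: example.test A 192.0.2.1 */
    0x12,0x34, 0x81,0x80, 0,1, 0,1, 0,0, 0,0,                     /* header: QD=1, AN=1 */
    7,'e','x','a','m','p','l','e', 4,'t','e','s','t', 0, 0,1, 0,1, /* QNAME, A, IN */
    0xC0,0x0C, 0,1, 0,1, 0x00,0x00,0x01,0x2C,                     /* ptr, A, IN, TTL=300 */
    0,4, 192,0,2,1                                                /* RDLENGTH, RDATA */
};

/* Skip an encoded name; return the offset just past it, or 0 if malformed. */
static size_t skip_name(const uint8_t *m, size_t len, size_t off) {
    for (; off < len; off += 1 + (size_t)m[off]) {
        uint8_t l = m[off];
        if (l == 0) return off + 1;                                /* root label */
        if ((l & 0xC0) == 0xC0) return off + 2 <= len ? off + 2 : 0; /* pointer */
        if (l & 0xC0) return 0;                                    /* reserved type */
    }
    return 0;
}

/* Fill ttl/addr from the first A record in the answer section; 0 on success. */
int first_a_record(const uint8_t *m, size_t len, uint32_t *ttl, uint8_t addr[4]) {
    if (len < 12) return -1;                                       /* short header */
    unsigned qd = (m[4] << 8) | m[5], an = (m[6] << 8) | m[7];
    size_t off = 12;
    for (; qd; qd--) {                                             /* skip questions */
        if ((off = skip_name(m, len, off)) == 0 || off + 4 > len) return -1;
        off += 4;
    }
    for (; an; an--) {             /* fixed RR part: type, class, TTL, RDLENGTH */
        if ((off = skip_name(m, len, off)) == 0 || off + 10 > len) return -1;
        unsigned type = (m[off] << 8) | m[off + 1], rdlen = (m[off + 8] << 8) | m[off + 9];
        if (off + 10 + rdlen > len) return -1;                     /* truncated RDATA */
        if (type == 1 && rdlen == 4) {                             /* A record */
            *ttl = ((uint32_t)m[off+4] << 24) | ((uint32_t)m[off+5] << 16) | ((uint32_t)m[off+6] << 8) | m[off+7];
            for (int i = 0; i < 4; i++) addr[i] = m[off + 10 + i];
            return 0;
        }
        off += 10 + rdlen;
    }
    return -1;
}

int main(void) {
    uint32_t ttl = 0; uint8_t a[4] = {0};
    int rc = first_a_record(sample_response, sizeof sample_response, &ttl, a);
    printf("rc=%d addr=%u.%u.%u.%u ttl=%u\n", rc, a[0], a[1], a[2], a[3], (unsigned)ttl);
    return rc;
}
```

A caller that only has a struct hostent cannot recover the 300-second lifetime, which is what a caching nameserver needs to expire the record correctly.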