Building a fresh named.root

Robert Moskowitz rgm at htt-consult.com
Thu Feb 14 14:48:06 UTC 2013 

On 02/14/2013 09:34 AM, Warren Kumari wrote:
> On Feb 14, 2013, at 9:28 AM, Robert Moskowitz <rgm at htt-consult.com> wrote:
>
>> On 02/14/2013 09:05 AM, Warren Kumari wrote:
>>> BIND now comes with a baked in roots file (in the imaginatively named lib/dns/rootns.c )
>> Not (at least by that name) in the Redhat/Centos 6.3 bind 9.8.2.
> Nope -- it is in lib/dns/rootns.c in the source code tree….

Oh, of course...

> When BIND is compiled into a binary this gets baked in….
>
> You can verify this by running strings on the binary. E.g:
>
> wkumari$:~$ strings /usr/local/sbin/named | grep A.ROOT-SERVERS.NET
> .                       518400  IN      NS      A.ROOT-SERVERS.NET.
> A.ROOT-SERVERS.NET.     3600000 IN      A       198.41.0.4
> A.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:503:BA3E::2:30

Mine is located in /usr/sbin/ and no such string.  In fact the only 
occurance of ROOT is a comment on the location of the ROOT KEY.

And anyway, baking it in is a problem as we continue to have an 
availablity of AAAA for the roots.


>
>>
>>> There is no need for a named.root file, and is just another thing to go wrong…
>> Is there anything needed in the named.conf to actuate this if you do have it?
>>
>>> W
>>> On Feb 14, 2013, at 8:35 AM, Robert Moskowitz <rgm at htt-consult.com> wrote:
>>>
>>>> The Centos 6.3 bind and bind-chroot do not seem to come with a named.root.  Does have a named.ca, though.
>>>>
>>>> So from my old named.root.hints include (also not provided; where did I get this?) I tried:
>>>>
>>>> wget ftp://ftp.rs.internic.net/domain/named.root
>>>>
>>>> And got a nice looking named.root  last updated 1/3/2013, with nice comments on who use to run the various root servers.
>>>>
>>>> Then I tried:
>>>>
>>>> dig . ns @198.41.0.4 > named.root
>>>>
>>>> I see where this addr is the A root server, anyway, the response did not have A records for B, E, I, J, or L !!! And of course no AAAA records for I, J, or L.  It has NS records for A thru M.
>>>>
>>>> What went wrong here?
>>>>
>>>> Which do I use?
>>>>

More information about the bind-users mailing list