Lump answers

Mark_Andrews at iengines.com Mark_Andrews at iengines.com
Sat Nov 27 06:59:37 UTC 1999 

> > 2:  If you are running a master server regardless of connection to the
> Internet,
> >     assuming you do not want to reach the root servers, but rather set
> yourself
> >     up as a fake root (that is, you say that you know everything about the
> >     namespace), make a fake.cache file and specify it in a zone of type
> master.
> >         zone "." IN { type master; file "/var/named/fake.cache"; };
> >     fake.cache should contain an SOA and NS RR, like any other zone file.
> >     (This begs the question, what happens if I use "forward" if I am
> root?)
> 
> Probably not what you expect.  Your name server would forward
> almost nothing, returning NXDOMAIN responses for queries in
> any top-level domains it doesn't delegate from its root zone.

	A root server will forward any recursive queries asked of it for
	which it does not already have an answer.  This works even if the
	forwarder has to ask the root for information as the forwarder will
	make a non-recursive query to the root server.

> 
> >     Before 8.2.2,you will see in syslog: info: No root nameservers for
> class IN
> 
> No, you won't see this in a correctly configured internal root setup.

 Christine is correct.

 715.   [clarity]       root servers don't need to be primed.

> 
> >     b) forget the hint file all together
> >     Result:  nothing works.  syslog will complain: findns: No root
> nameservers
> >     for class IN?  This is not the same as the info message in case 2.
> Case 2
> >     applies to root servers only.  You definitely need a hint file, but
> what
> >     goes in it?  Read on.
> 
> This isn't true.  Forward-only name servers have always been able
> to run without a root hints file, and in newer verisons of BIND,
> you don't even see an error message in this configuration.
> 

	"Forward only" only works correctly as of BIND 8.2.1.
	Prior to BIND 8.2 the hints file is required and should be
	configured with the root servers.  With BIND 8.2 don't even
	attempt "forward only".


> >     c) use a hint file, specify yourself in it
> >     Result: no problem, everything works great.  syslog doesn't complain.
> I
> >     think this is the right setup (please tell me if I'm wrong).  However,
> if
> >     this is a slave, it has a set of problem all its own.

	If you are a slave/master of "." you don't specify hints for
	that class.

> 
> If you're in forward-only mode, it doesn't matter what's in your
> root hints file.

	I still recommend putting the correct data there.
> 
> cricket
> 
> Acme Byte & Wire
> cricket at acmebw.com
> www.acmebw.com
> 
> Attend the next Internet Software Consortium/Acme Byte & Wire
> DNS and BIND class!  See www.acmebw.com/training.htm for
> the schedule and to register for upcoming classes.
> 
> 
--
Mark Andrews, Internet Engines Inc. / Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at iengines.com

More information about the bind-users mailing list