Newbie Questions

Mark Andrews Mark_Andrews at isc.org
Fri Dec 8 23:53:17 UTC 2006


> Here are my views in-line below:
> 
> dev_null at pubbox.net wrote:
> > 1) Should the root hint zone always be needed? In fact I commented out these
> > four lines and bind seems to work normally too:
> >
> > //zone "." in {
> > //        type hint;
> > //        file "db.cache";
> > //};
> >   
> Since bind-9.3.2, I've never needed the root hints on my DNS servers.

	BIND 9 ships with a built-in set of hints pointing to the
	Internet's root servers.  You can override the defaults by
	specifying a "hints" zone.

	You need to override the built-in hints when you are not
	using the Internet's root servers or when the built-in hints
	are out of date.

> > 2) The rndc command's help info says:
> >
> > stop          Save pending updates to master files and stop the server.
> > halt          Stop the server without saving pending updates.
>
> > So, what's the meaning of "pending updates"?
> >   
> Pending updates, I believe, are when you modify a zone on-the-fly 
> (dynamic updates), it saves a journal file but doesn't actually write 
> the physical changes to disk immediately.
> A pending update has been applied to the zone, but not yet written to 
> the zone's file.  A 'stop' will flush the journal to disk, whereas a 
> 'halt' will cause you to lose un-committed changes.
> (I think!)

	No.

	'rndc stop' will cause named to write out a new master file if needed.
	i.e. there are changes in the journal which are not yet in the master
	file.
	'rndc halt' will prevent named writing out the new master file if it
	would have been needed.

	No updates are lost in either case as they are written to the journal
	before the UPDATE response is sent.  When named starts up it reads
	both the master file and the journal.

> > 3) After installing bind, why do I need to create named.conf & rndc.key by hand?
> > Why doesn't bind create the default files for them like Apache?
> >   
> I personally don't believe there is such a thing as a "default" config for 
> bind.  For example, are you using it as a caching-only server, as a 
> slave for one/multiple zones, as a primary for one/multiple zones?  
> There's a long list of uses for bind and your configuration depends on 
> your use.  Also regarding the key file, it's specific to the machine, if 
> you shipped a standard key file out with bind, a lot of people would 
> have the same key file and it'd be a big security risk.
>
> > 4) What's the use of port 953 running on localhost?
> >   
> I believe this is the port that rndc uses to connect to bind.
> 
> Andy Shellam
> NetServe Support Team
> 
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
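
The following named.conf fragment is an added example, not part of the original thread and not ISC's shipped configuration. It ties together the hints override from question 1 and the rndc key and control channel from questions 3 and 4. The file name db.cache is from the thread; the key name "rndc-key", the placeholder secret and the choice of hmac-sha256 (which assumes a BIND 9 release recent enough to support it for rndc) are assumptions.

```conf
// Explicit hints zone: only needed when the built-in hints are out of
// date or this server does not use the Internet's root servers.
zone "." in {
        type hint;
        file "db.cache";
};

// Key shared between named and rndc. Generate it on this host (for
// example with rndc-confgen) and never copy it from another machine:
// anyone holding the secret can stop, halt or reconfigure the server.
key "rndc-key" {
        algorithm hmac-sha256;                       // assumption, see lead-in
        secret "PLACEHOLDER-generate-a-base64-secret-on-this-host";
};

// Control channel that rndc connects to: bound to loopback on port 953,
// restricted to loopback clients, and usable only with the key above.
controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
};
```

The file holding the key should be readable only by the user named runs as and by the administrators who run rndc.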