BIND 9.4.x empty zones, again
Alexander Ottl
alexander.ottl at nci.de
Fri Nov 30 18:59:27 UTC 2007
Chris Thompson wrote, On 11/30/2007 06:57 PM:
> OK, 9.4.2 coming out has renewed my interest in these.
>
> I have been trying to make zones "just like" an automatic empty zone
> by using a zone file db.null containing
>
> ; Empty zone just like those generated internally by BIND 9.4
> @ 86400 SOA @ . 0 28800 7200 604800 86400
> @ 0 NS @
>
> But when I use this, e.g. with
>
> zone "0.in-addr.arpa" { type master; file "db.null"; }
>
> then I get an error
>
> named: zone 0.in-addr.arpa/IN: NS '0.in-addr.arpa' has no address records (A or AAAA)
>
> when the zone is loaded. Well, of course, but automatic empty zones seem
> to be immune from this check! (Which, incidentally, "check-integrity no;"
> at either zone or options level seems not to suppress - is that a bug?)
Incidentally i've looked the source code and that check is not part of check-integrity
or any other configurable option. That looks intentional to me. Only automatic empty
zones are exempt.
>
> I am considering specifying "localhost." as the SOA.mname and NS rdata and
> specifying
>
> empty-server "localhost";
>
> to make the automatic empty zones look the same. Opinions?
>
I wonder sometimes if NS localhost in those empty or nearly empty "dummy" zones won't
potentially force unsuspecting forwarders to send queries to themselves. And is that a
bad thing? Therefore I'd also like to hear opinions.
Regards,
Alexander Ottl
More information about the bind-users
mailing list