ROOT hints "BEST PRACTICE"
Stephane Bortzmeyer
bortzmeyer at nic.fr
Wed Sep 24 10:40:39 UTC 2008
On Tue, Sep 23, 2008 at 08:03:40PM -0600,
Beavis <pfunix at gmail.com> wrote
a message of 17 lines which said:
> 1.) run the query.
>
> dig +tcp @a.root-servers.net . ns
Or:
dig +bufsize=4096 @a.root-servers.net . ns
(UDP + EDNS0)
> but this one times out on those ipv6 dns boxes.
Time to debug on your side (a.root-servers.net works fine with IPV6):
traceroute6, ifconfig, check broken middleboxes, etc.
> 2.) download the root.hints from ftp.internic.net
The good thing about this one is that you can check the signature, for
added security (of course, the problem is to find the authentic key
for Verisign).
More information about the bind-users
mailing list