Root Hints Data File for a .local Domain

Kevin Darcy kcd at chrysler.com
Wed Mar 9 19:11:12 UTC 2011


On 3/9/2011 8:32 AM, Tony MacDoodle wrote:
> Hello,
>
> I am currently running BIND 9.6.1-P3 and it works fine. My question is 
> regarding the db.cache file. I am only running a local domain 
> (apps.local) that does not access the internet for resolution. My 
> current root hints file is from Internic.
>
> 1) Can I use a stripped version of the named.root file?
>
> 2) Do I need it at all for a local domain?
>
If you're on a completely isolated network, with a DNS-consumer 
population of any significant size, you should set up your own root 
zone, along with defining slaves, setting up master/slave replication, 
and publishing all available nameservers in the NS records of the root 
zone. If, after you've built up that core authoritative infrastructure, 
you want any of your "edge" resolvers to be "caching-only", i.e. with a 
minimal config, then you'd configure them with a root "hints" file, but 
it wouldn't contain the same contents as the one from Internic -- it 
would contain references to your own internal root nameservers, along 
with their internal addresses.

Someone suggested that ".local" might be problematic, but we've been 
using various ".local" domains in our internal DNS for years -- not my 
choice, this is from the Active Directory team of one of our business 
partners -- and not run into any problems so far.

                                                                         
                                                                         
                                                                     - Kevin
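
The layout described in the reply above, sketched as an added example (not part of the original message and not a file shipped with BIND). The server names under `root.internal`, all 10.0.x.x addresses, the serial number and every file name except `db.cache` are assumptions chosen for illustration.

```conf
# ---- named.conf on the internal root master (assumed 10.0.0.1) ----
options { directory "/var/named"; recursion no; };
zone "." {
    type master;
    file "db.root.internal";
    allow-transfer { 10.0.0.2; };    # only the internal root slave may transfer
};

# ---- named.conf on the internal root slave (assumed 10.0.0.2) ----
options { directory "/var/named"; recursion no; };
zone "." {
    type slave;
    masters { 10.0.0.1; };
    file "db.root.internal.slave";
};

; ---- db.root.internal: the private root zone itself ----
$TTL 86400
.   IN SOA a.root.internal. hostmaster.apps.local. (
        2011030901 3600 900 604800 3600 )
; publish every available internal root server in the root NS set
.                   IN NS  a.root.internal.
.                   IN NS  b.root.internal.
a.root.internal.    IN A   10.0.0.1
b.root.internal.    IN A   10.0.0.2
; delegate the local domain to its own authoritative server, with glue
apps.local.         IN NS  ns1.apps.local.
ns1.apps.local.     IN A   10.0.1.1

# ---- named.conf on a caching-only "edge" resolver ----
options {
    directory "/var/named";
    recursion yes;
    allow-recursion { 10.0.0.0/8; }; # internal clients only
};
zone "." {
    type hint;
    file "db.cache";                 # internal hints, not the Internic copy
};

; ---- db.cache on the edge resolver: hints for the INTERNAL roots ----
.                   3600000 IN NS a.root.internal.
.                   3600000 IN NS b.root.internal.
a.root.internal.    3600000 IN A  10.0.0.1
b.root.internal.    3600000 IN A  10.0.0.2
```

With no Internic addresses in `db.cache`, an edge resolver on the isolated network has no reason to send priming queries for the public root servers, and a lookup for a nonexistent name ends at the internal root with NXDOMAIN.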






