RFC 6303 and bind 9.9.0
barmar at alum.mit.edu
Fri Mar 2 03:20:05 UTC 2012
In article <mailman.96.1330636659.63724.bind-users at lists.isc.org>,
Chris Thompson <cet1 at cam.ac.uk> wrote:
> On Mar 1 2012, Spain, Dr. Jeffry A. wrote:
> >Also I see that bind 9.9.0 uses built-in root hints if those are not
> >explicitly configured.
> That has been true since BIND 9.2.
> >If the root hints are updated on ftp://rs.internic.net/domain/, would it
> >require a new build of bind to incorporate them, or is bind able to update
> >its built-in root hints by some other means?
> No, it requires a rebuild after changing lib/dns/rootns.c. But using a
> mildly out-of-date hints file is usually harmless - it is only a *hint*.
Right. One of the first things BIND does after starting up is query one
of the root servers to get the current set of root servers.
So the only potential problem would be if someone were to hijack one (or
more) of the root servers and make it give out a bogus answer.
More information about the bind-users