Bind doesn't stop contacting global ROOT DNS servers after commenting (#) the root hint zone in named.conf

Tony Finch dot at dotat.at
Mon Aug 2 18:56:52 UTC 2021


Ramesh <rameshsahoo11 at gmail.com> wrote:
>
> I commented the root hint zone section(default) in the named.conf file to
> stop bind from communicating to the global root DNS servers and it should
> only use the internal forwarders available in the options{} section.

I think the config option you want is `forward only`. The default is
`forward first` which has the fallback behaviour that you observed.

On my servers I don't configure a hint zone: using BIND's built-in hints
and trust anchor reduces the amount of configuration that needs to be
deployed in the chroots and which can go stale.

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  https://dotat.at/
the market alone does not distribute wealth or income fairly
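
An added example, not part of the original message and not code from BIND: a conservative check that flags any named.conf block listing forwarders without `forward only` in that same block, which is the fallback case described in the reply. The function name and the sample configuration are constructed; the check ignores inheritance between blocks and comment characters inside quoted strings.

```python
import re

# Constructed sample: forwarders are set, but "forward only" is commented out.
SAMPLE_CONF = '''
options {
    directory "/var/named";
    forwarders { 192.0.2.53; 192.0.2.54; };
    # forward only;
};
zone "corp.example" {
    type forward;
    forwarders { 198.51.100.10; };
    forward only;
};
/* zone "." { type hint; file "named.ca"; }; */
'''

def blocks_without_forward_only(conf_text):
    """Names of blocks that list forwarders but do not also say 'forward only'."""
    text = re.sub(r"/\*.*?\*/", "", conf_text, flags=re.S)  # /* ... */ comments
    text = re.sub(r"(#|//).*", "", text)                    # '#' and '//' comments
    tokens = re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', text)
    blocks, stack, stmt = [], [], []   # all blocks, open-block indexes, current statement
    for tok in tokens:
        if tok == "{":                 # the statement so far is the block header
            blocks.append({"name": " ".join(stmt), "kind": stmt[0] if stmt else "",
                           "parent": stack[-1] if stack else None,
                           "entries": 0, "forwarders": 0, "forward": None})
            stack.append(len(blocks) - 1)
        elif tok == "}" and stack:
            closed = blocks[stack.pop()]
            if closed["kind"] == "forwarders" and closed["parent"] is not None:
                blocks[closed["parent"]]["forwarders"] = closed["entries"]
        elif tok == ";" and stmt and stack:
            cur = blocks[stack[-1]]
            cur["entries"] += 1        # statements in this block (addresses, in a forwarders list)
            if stmt[0] == "forward" and len(stmt) == 2:
                cur["forward"] = stmt[1]
        if tok in ("{", "}", ";"):
            stmt = []
        else:
            stmt.append(tok)
    # An empty forwarders list means no forwarding, so only non-empty lists count.
    return [b["name"] for b in blocks
            if b["forwarders"] > 0 and b["forward"] != "only"]

if __name__ == "__main__":
    for name in blocks_without_forward_only(SAMPLE_CONF):
        print(f"{name}: forwarders set without 'forward only' (default is 'forward first')")
```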