Bind doesn't stop contacting global ROOT DNS servers after commenting(#) the the root hint zone in named.conf
Ramesh
rameshsahoo11 at gmail.com
Tue Aug 3 07:48:55 UTC 2021
Ok, thanks for the clarification.
On Tue, Aug 3, 2021 at 12:26 AM Tony Finch <dot at dotat.at> wrote:
> Ramesh <rameshsahoo11 at gmail.com> wrote:
> >
> > I commented the root hint zone section(default) in the named.conf file to
> > stop bind from communicating to the global root DNS servers and it should
> > only use the internal forwarders available in the options{} section.
>
> I think the config option you want is `forward only`. The default is
> `forward first` which has the fallback behaviour that you observed.
>
> On my servers I don't configure a hint zone: using BIND's built-in hints
> and trust anchor reduces the amount of configuration that needs to be
> deployed in the chroots and which can go stale.
>
> Tony.
> --
> f.anthony.n.finch <dot at dotat.at> https://dotat.at/
> the market alone does not distribute wealth or income fairly
>
>
>
--
Thanks & Regards,
Ramesh Sahoo
Mob# 7798014674
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210803/848e4753/attachment.htm>
More information about the bind-users
mailing list