diff options
| author | dougb <dougb@FreeBSD.org> | 2007-06-18 05:58:23 +0000 |
|---|---|---|
| committer | dougb <dougb@FreeBSD.org> | 2007-06-18 05:58:23 +0000 |
| commit | 37159c8d5970d0203011afb6e85c4301d360ab13 (patch) | |
| tree | 1b1ef38585b47ef13ea4120bae2319fbec046a29 /etc/namedb/master | |
| parent | c2485b20cbbed190fed968003857dd1d0e048975 (diff) | |
| download | FreeBSD-src-37159c8d5970d0203011afb6e85c4301d360ab13.zip FreeBSD-src-37159c8d5970d0203011afb6e85c4301d360ab13.tar.gz | |
Bring our default named configuration more in line with current
best practices:
1. The old way of generating the localhost zones was not optimal both
because they did not exist by default, and because they were not really
aligned with BCP. There is no need to have the dynamic data that the
make-localhost script generated, and good reasons to do this more
"by the book."
2. In named.conf
a. Clean up white space
b. Add/clarify a few comments
c. Slave zones from the root servers instead of using a hints
file. This has several advantages, as described in the comments.
d. Significantly revamp the default zones, including the
forward localhost zone, and the reverse zones for IPv4 and IPv6
loopback addresses. There are extensive comments describing what
is included and why. Interested readers should take the time to
review the RFCs mentioned in the comments. There is also relevant
information about the motivations for hosting these zones in the
"work in progress" Internet-Draft,
http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
or its successor.
It's also worth noting that a significant number of these
empty zones are already included by default in the named binary
without any user configuration.
e. Because we're including a lot of examples of both local
forward zones and slave zones in the default configuration,
eliminate some of those examples.
3. Add new localhost-{forward|reverse} zone files, and an "empty" zone
to support the changes in 2.d. above. The empty zone file isn't really
empty in order to avoid a warning from BIND about a zone file that
doesn't contain any A or AAAA records.
Diffstat (limited to 'etc/namedb/master')
| -rw-r--r-- | etc/namedb/master/empty.db | 11 | ||||
| -rw-r--r-- | etc/namedb/master/localhost-forward.db | 11 | ||||
| -rw-r--r-- | etc/namedb/master/localhost-reverse.db | 13 |
3 files changed, 35 insertions, 0 deletions
diff --git a/etc/namedb/master/empty.db b/etc/namedb/master/empty.db new file mode 100644 index 0000000..070f663 --- /dev/null +++ b/etc/namedb/master/empty.db @@ -0,0 +1,11 @@ + +; $FreeBSD$ + +$TTL 3h +@ SOA @ nobody.localhost. 42 1d 12h 1w 3h + ; Serial, Refresh, Retry, Expire, Neg. cache TTL + +@ NS @ + +; Silence a BIND warning +@ A 127.0.0.1 diff --git a/etc/namedb/master/localhost-forward.db b/etc/namedb/master/localhost-forward.db new file mode 100644 index 0000000..9156d2f --- /dev/null +++ b/etc/namedb/master/localhost-forward.db @@ -0,0 +1,11 @@ + +; $FreeBSD$ + +$TTL 3h +localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h + ; Serial, Refresh, Retry, Expire, Neg. cache TTL + + NS localhost. + + A 127.0.0.1 + AAAA ::1 diff --git a/etc/namedb/master/localhost-reverse.db b/etc/namedb/master/localhost-reverse.db new file mode 100644 index 0000000..ceabe05 --- /dev/null +++ b/etc/namedb/master/localhost-reverse.db @@ -0,0 +1,13 @@ + +; $FreeBSD$ + +$TTL 3h +@ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h + ; Serial, Refresh, Retry, Expire, Neg. cache TTL + + NS localhost. + +1.0.0 PTR localhost. + +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost. + |
