summaryrefslogtreecommitdiffstats
path: root/etc/namedb
diff options
context:
space:
mode:
authordougb <dougb@FreeBSD.org>2007-08-17 04:37:02 +0000
committerdougb <dougb@FreeBSD.org>2007-08-17 04:37:02 +0000
commit501b1be8fa4f03c54d8a2a6231af575286972b2e (patch)
tree8a6b63e76b13cf087905456dec88dad61a20ec72 /etc/namedb
parent2bd799c9eac5d96355f0314bdad1312f01d695f4 (diff)
downloadFreeBSD-src-501b1be8fa4f03c54d8a2a6231af575286972b2e.zip
FreeBSD-src-501b1be8fa4f03c54d8a2a6231af575286972b2e.tar.gz
1. Remove root name servers from the list of possible masters in the
commented out example who have either not responded, or specifically asked not to participate because they do not view AXFR as "a production service." 2. Add f.root-servers.net to the example after confirmation from Paul Vixie. 3. Add a warning to the commented out "root zone slave" example to the effect that it requires more attention than a hints file, and provides more benefit to larger sites than individual hosts. 4. Correct a typo copied from RFC 2544 which was corrected in a later errata, and confirmed in RFC 3330. Update the comment to reflect that RFC 3330 got it right and to avoid confusion down the road. 3330 also contains a reference back to 2544 for anyone interested in pursuing the history. [1] PR: conf/115573 [1] Submitted by: Oliver Fromme <olli@secnetix.de> [1] Approved by: re (kensmith)
Diffstat (limited to 'etc/namedb')
-rw-r--r--etc/namedb/named.conf24
1 files changed, 12 insertions, 12 deletions
diff --git a/etc/namedb/named.conf b/etc/namedb/named.conf
index 76ddafc..85a26a4 100644
--- a/etc/namedb/named.conf
+++ b/etc/namedb/named.conf
@@ -68,6 +68,12 @@ zone "." { type hint; file "named.root"; };
2. No spurious traffic will be sent from your network to the roots
3. Greater resilience to any potential root server failure/DDoS
+ On the other hand, this method requires more monitoring than the
+ hints file to be sure that an unexpected failure mode has not
+ incapacitated your server. Name servers that are serving a lot
+ of clients will benefit more from this approach than individual
+ hosts. Use with caution.
+
To use this mechanism, uncomment the entries below, and comment
the hint zone above.
*/
@@ -76,9 +82,7 @@ zone "." {
type slave;
file "slave/root.slave";
masters {
- 192.33.4.12; // C.ROOT-SERVERS.NET.
- 192.112.36.4; // G.ROOT-SERVERS.NET.
- 193.0.14.129; // K.ROOT-SERVERS.NET.
+ 192.5.5.241; // F.ROOT-SERVERS.NET.
};
notify no;
};
@@ -86,9 +90,7 @@ zone "arpa" {
type slave;
file "slave/arpa.slave";
masters {
- 192.33.4.12; // C.ROOT-SERVERS.NET.
- 192.112.36.4; // G.ROOT-SERVERS.NET.
- 193.0.14.129; // K.ROOT-SERVERS.NET.
+ 192.5.5.241; // F.ROOT-SERVERS.NET.
};
notify no;
};
@@ -96,9 +98,7 @@ zone "in-addr.arpa" {
type slave;
file "slave/in-addr.arpa.slave";
masters {
- 192.33.4.12; // C.ROOT-SERVERS.NET.
- 192.112.36.4; // G.ROOT-SERVERS.NET.
- 193.0.14.129; // K.ROOT-SERVERS.NET.
+ 192.5.5.241; // F.ROOT-SERVERS.NET.
};
notify no;
};
@@ -155,9 +155,9 @@ zone "254.169.in-addr.arpa" { type master; file "master/empty.db"; };
// TEST-NET for Documentation (RFC 3330)
zone "2.0.192.in-addr.arpa" { type master; file "master/empty.db"; };
-// Router Benchmark Testing (RFC 2544)
-zone "18.192.in-addr.arpa" { type master; file "master/empty.db"; };
-zone "19.192.in-addr.arpa" { type master; file "master/empty.db"; };
+// Router Benchmark Testing (RFC 3330)
+zone "18.198.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "19.198.in-addr.arpa" { type master; file "master/empty.db"; };
// IANA Reserved - Old Class E Space
zone "240.in-addr.arpa" { type master; file "master/empty.db"; };
OpenPOWER on IntegriCloud