diff options
author | dougb <dougb@FreeBSD.org> | 2007-08-17 04:37:02 +0000 |
---|---|---|
committer | dougb <dougb@FreeBSD.org> | 2007-08-17 04:37:02 +0000 |
commit | 501b1be8fa4f03c54d8a2a6231af575286972b2e (patch) | |
tree | 8a6b63e76b13cf087905456dec88dad61a20ec72 /etc/namedb | |
parent | 2bd799c9eac5d96355f0314bdad1312f01d695f4 (diff) | |
download | FreeBSD-src-501b1be8fa4f03c54d8a2a6231af575286972b2e.zip FreeBSD-src-501b1be8fa4f03c54d8a2a6231af575286972b2e.tar.gz |
1. Remove root name servers from the list of possible masters in the
commented out example who have either not responded, or specifically
asked not to participate because they do not view AXFR as "a production
service."
2. Add f.root-servers.net to the example after confirmation from
Paul Vixie.
3. Add a warning to the commented out "root zone slave" example to the
effect that it requires more attention than a hints file, and provides
more benefit to larger sites than individual hosts.
4. Correct a typo copied from RFC 2544 which was corrected in a later
errata, and confirmed in RFC 3330. Update the comment to reflect that
RFC 3330 got it right and to avoid confusion down the road. 3330 also
contains a reference back to 2544 for anyone interested in pursuing the
history. [1]
PR: conf/115573 [1]
Submitted by: Oliver Fromme <olli@secnetix.de> [1]
Approved by: re (kensmith)
Diffstat (limited to 'etc/namedb')
-rw-r--r-- | etc/namedb/named.conf | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/etc/namedb/named.conf b/etc/namedb/named.conf index 76ddafc..85a26a4 100644 --- a/etc/namedb/named.conf +++ b/etc/namedb/named.conf @@ -68,6 +68,12 @@ zone "." { type hint; file "named.root"; }; 2. No spurious traffic will be sent from your network to the roots 3. Greater resilience to any potential root server failure/DDoS + On the other hand, this method requires more monitoring than the + hints file to be sure that an unexpected failure mode has not + incapacitated your server. Name servers that are serving a lot + of clients will benefit more from this approach than individual + hosts. Use with caution. + To use this mechanism, uncomment the entries below, and comment the hint zone above. */ @@ -76,9 +82,7 @@ zone "." { type slave; file "slave/root.slave"; masters { - 192.33.4.12; // C.ROOT-SERVERS.NET. - 192.112.36.4; // G.ROOT-SERVERS.NET. - 193.0.14.129; // K.ROOT-SERVERS.NET. + 192.5.5.241; // F.ROOT-SERVERS.NET. }; notify no; }; @@ -86,9 +90,7 @@ zone "arpa" { type slave; file "slave/arpa.slave"; masters { - 192.33.4.12; // C.ROOT-SERVERS.NET. - 192.112.36.4; // G.ROOT-SERVERS.NET. - 193.0.14.129; // K.ROOT-SERVERS.NET. + 192.5.5.241; // F.ROOT-SERVERS.NET. }; notify no; }; @@ -96,9 +98,7 @@ zone "in-addr.arpa" { type slave; file "slave/in-addr.arpa.slave"; masters { - 192.33.4.12; // C.ROOT-SERVERS.NET. - 192.112.36.4; // G.ROOT-SERVERS.NET. - 193.0.14.129; // K.ROOT-SERVERS.NET. + 192.5.5.241; // F.ROOT-SERVERS.NET. }; notify no; }; @@ -155,9 +155,9 @@ zone "254.169.in-addr.arpa" { type master; file "master/empty.db"; }; // TEST-NET for Documentation (RFC 3330) zone "2.0.192.in-addr.arpa" { type master; file "master/empty.db"; }; -// Router Benchmark Testing (RFC 2544) -zone "18.192.in-addr.arpa" { type master; file "master/empty.db"; }; -zone "19.192.in-addr.arpa" { type master; file "master/empty.db"; }; +// Router Benchmark Testing (RFC 3330) +zone "18.198.in-addr.arpa" { type master; file "master/empty.db"; }; +zone "19.198.in-addr.arpa" { type master; file "master/empty.db"; }; // IANA Reserved - Old Class E Space zone "240.in-addr.arpa" { type master; file "master/empty.db"; }; |