1. Remove root name servers from the list of possible masters in the

commented out example who have either not responded, or specifically asked not to participate because they do not view AXFR as "a production service." 2. Add f.root-servers.net to the example after confirmation from Paul Vixie. 3. Add a warning to the commented out "root zone slave" example to the effect that it requires more attention than a hints file, and provides more benefit to larger sites than individual hosts. 4. Correct a typo copied from RFC 2544 which was corrected in a later errata, and confirmed in RFC 3330. Update the comment to reflect that RFC 3330 got it right and to avoid confusion down the road. 3330 also contains a reference back to 2544 for anyone interested in pursuing the history. [1] PR: conf/115573 [1] Submitted by: Oliver Fromme <olli@secnetix.de> [1] Approved by: re (kensmith)
svn path=/head/; revision=171865
2007-08-17 04:37:02 +00:00 · 2007-08-17 04:37:02 +00:00 · f183dbca4f · 2020-12-20 02:59:44 +00:00
commit f183dbca4f
parent 203ab4d0c3
1 changed files with 12 additions and 12 deletions
--- a/etc/namedb/named.conf
+++ b/etc/namedb/named.conf
@ -68,6 +68,12 @@ zone "." { type hint; file "named.root"; };
 	2. No spurious traffic will be sent from your network to the roots
 	3. Greater resilience to any potential root server failure/DDoS

+	On the other hand, this method requires more monitoring than the
+	hints file to be sure that an unexpected failure mode has not
+	incapacitated your server.  Name servers that are serving a lot
+	of clients will benefit more from this approach than individual
+	hosts.  Use with caution.
+
 	To use this mechanism, uncomment the entries below, and comment
 	the hint zone above.
 */
@ -76,9 +82,7 @@ zone "." {
 	type slave;
 	file "slave/root.slave";
 	masters {
-		192.33.4.12;	// C.ROOT-SERVERS.NET.
-		192.112.36.4;	// G.ROOT-SERVERS.NET.
-		193.0.14.129;	// K.ROOT-SERVERS.NET.
+		192.5.5.241;	// F.ROOT-SERVERS.NET.
 	};
 	notify no;
 };
@ -86,9 +90,7 @@ zone "arpa" {
 	type slave;
 	file "slave/arpa.slave";
 	masters {
-		192.33.4.12;	// C.ROOT-SERVERS.NET.
-		192.112.36.4;	// G.ROOT-SERVERS.NET.
-		193.0.14.129;	// K.ROOT-SERVERS.NET.
+		192.5.5.241;	// F.ROOT-SERVERS.NET.
 	};
 	notify no;
 };
@ -96,9 +98,7 @@ zone "in-addr.arpa" {
 	type slave;
 	file "slave/in-addr.arpa.slave";
 	masters {
-		192.33.4.12;	// C.ROOT-SERVERS.NET.
-		192.112.36.4;	// G.ROOT-SERVERS.NET.
-		193.0.14.129;	// K.ROOT-SERVERS.NET.
+		192.5.5.241;	// F.ROOT-SERVERS.NET.
 	};
 	notify no;
 };
@ -155,9 +155,9 @@ zone "254.169.in-addr.arpa"	{ type master; file "master/empty.db"; };
 // TEST-NET for Documentation (RFC 3330)
 zone "2.0.192.in-addr.arpa"	{ type master; file "master/empty.db"; };

-// Router Benchmark Testing (RFC 2544)
-zone "18.192.in-addr.arpa"	{ type master; file "master/empty.db"; };
-zone "19.192.in-addr.arpa"	{ type master; file "master/empty.db"; };
+// Router Benchmark Testing (RFC 3330)
+zone "18.198.in-addr.arpa"	{ type master; file "master/empty.db"; };
+zone "19.198.in-addr.arpa"	{ type master; file "master/empty.db"; };

 // IANA Reserved - Old Class E Space
 zone "240.in-addr.arpa"		{ type master; file "master/empty.db"; };