Hi, > Let's be clear on what "this" is please, since I don't think the OP's > post was clear about what he wanted to implement. :)
I'm really interested in security, reducing resources, and making sure the server is current with today's standards. I'd like to make sure it's properly set up and there aren't any configuration errors and that anything I can do to improve it's overall performance is being done. > In any case, I welcome comments and suggestions on improving this config. > >> You can see the config at: >> http://www.freebsd.org/cgi/cvsweb.cgi/~checkout~/src/etc/namedb/named.conf?rev=1.31;content-type=text%2Fplain It's very good, but I think it also depends on what you're trying to achieve. I'm not sure of the scope. Since it's already not a "named start" and be done with it, maybe it can include more comprehensive examples. Maybe a separate "bogons.conf" that's included in the named.conf to make it a bit easier to read and less involved? How about using examples for "classless" ARPA networks? How about pointers to where to go next for things like, say, dnssec and key generation? >> You can add the unassigned space to those fairly easily, but make sure >> that you update it as space is assigned. > > Yes, this is worth saying again, and I agree with it (again). :) Yes, that's why the zone transfer idea was so compelling to me, or perhaps even a once-monthly rsync of the config file? Thanks, Alex _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users