Re: Building a fresh named.root

Thu, 14 Feb 2013 06:49:51 -0800 


On 02/14/2013 09:34 AM, Warren Kumari wrote:

On Feb 14, 2013, at 9:28 AM, Robert Moskowitz <r...@htt-consult.com> wrote:


On 02/14/2013 09:05 AM, Warren Kumari wrote:

BIND now comes with a baked in roots file (in the imaginatively named 
lib/dns/rootns.c )

Not (at least by that name) in the Redhat/Centos 6.3 bind 9.8.2.

Nope -- it is in lib/dns/rootns.c in the source code tree….


Oh, of course...


When BIND is compiled into a binary this gets baked in….

You can verify this by running strings on the binary. E.g:

wkumari$:~$ strings /usr/local/sbin/named | grep A.ROOT-SERVERS.NET
.                       518400  IN      NS      A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.     3600000 IN      A       198.41.0.4
A.ROOT-SERVERS.NET.     3600000 IN      AAAA    2001:503:BA3E::2:30
Mine is located in /usr/sbin/ and no such string. In fact the only occurance of ROOT is a comment on the location of the ROOT KEY.
And anyway, baking it in is a problem as we continue to have an availablity of AAAA for the roots. 







There is no need for a named.root file, and is just another thing to go wrong…

Is there anything needed in the named.conf to actuate this if you do have it?


W
On Feb 14, 2013, at 8:35 AM, Robert Moskowitz <r...@htt-consult.com> wrote:


The Centos 6.3 bind and bind-chroot do not seem to come with a named.root.  
Does have a named.ca, though.

So from my old named.root.hints include (also not provided; where did I get 
this?) I tried:

wget ftp://ftp.rs.internic.net/domain/named.root

And got a nice looking named.root  last updated 1/3/2013, with nice comments on 
who use to run the various root servers.

Then I tried:

dig . ns @198.41.0.4 > named.root

I see where this addr is the A root server, anyway, the response did not have A 
records for B, E, I, J, or L !!! And of course no AAAA records for I, J, or L.  
It has NS records for A thru M.

What went wrong here?

Which do I use?



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to