On Tue, Nov 11, 2014 at 02:43:02PM -0500, Bob Harold wrote: > Thanks, but what about the case where the zone transfers are refused and > the root zone expires? My server is still running, but cannot answer for > the root zone. That's a case where I want it to fail over to the real > roots.
If the slave zone expires, it's because your server isn't receiving transfers from *any* of the five root servers in the masters statement, and in that situation you'd be having troubles whether you used this configuration or not. I suppose some of the five might disable transfers while continuing to allow queries... but as long as one of them still supports transfers, you'd be okay. I'm confident that f-root, operated by ISC, will always support them. (Honestly, I don't know why it isn't a requirement for all the root ops. It's not like the zone contents are a secret.) -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
