On 26/10/2018 12:14, Tony Finch wrote: > It's basically the same as the examples in RFC 7706, but you use the other > host's address instead of 127.12.12.12. The BIND configuration becomes *much* simpler if you don't try to put (validating) recursion and root zone copy into the same server.
You just need: zone "." { type static-stub; server-addresses { x.x.x.x }; }; > RFC 7706 even says, > > The examples here use a loopback address of 127.12.12.12, but typical > installations will use 127.0.0.1. The different address is used in > order to emphasize that the root server does not need to be on the > device at "localhost". The 7706-bis text changes that to say: The examples here use a loopback address of 127.12.12.12, but typical installations will use 127.0.0.1. The different address is used in order to emphasize that the root server does not need to be on the device at the name "localhost" which is often locally served as 127.0.0.1. My reading of this is that "the device" referred to is still "the local device", not "a n other device". I think the text is just trying to say "just because it's on loopback doesn't require that it be *called* localhost". Ray _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop