Date: Sun, 26 Jan 2003 23:48:00 +0100 (CET) From: Marc Schneiders <marc@schneiders.org> To: <freebsd-stable@FreeBSD.ORG> Subject: Re: 4.7-R-p3: j.root-servers.net Message-ID: <20030126224956.K27492-100000@voo.doo.net> In-Reply-To: <20030126130837.GA399@gicco.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 26 Jan 2003, at 14:08 [=GMT+0100], Hanspeter Roth wrote:
> On Jan 25 at 14:25, Kevin Oberman spoke:
> > > Date: Sat, 25 Jan 2003 23:17:25 +0100
> > > From: Hanspeter Roth <hampi@rootshell.be>
> > If you want to get a new version at any time, just issue the command:
> > dig ns . @b.root-servers.net. > /etc/named/named.root (or wherever
> > your named.conf tells it to look).
>
> Ok. I'll create a job as I have to update the instance in
> /var/named/namedb anyway.
A more permanent solution is to run secondary for root. This has
several advantages. One being speed. The root data will be on your
machine and automatically refreshed every 30 minutes (only when there
are changes, so no useless traffic) by AXFR. If there is another DDoS
attack on the root-servers, you won't suffer from it, for you have the
data yourself. And they don't change much.
To do this replace in named.conf:
zone "." {
type hint;
file "named.root";
};
by this:
zone "." {
type slave;
file "named.root";
masters {
128.9.0.107; 192.33.4.12; 192.5.5.241};
};
The 3 IP numbers are from b, c, and f.root-servers.net, which do allow
an AXFR of the root-zone. The other root-servers don't.
If you care for alternative, extra domains, you replace the IP
numbers indicated by ORSC root-servers (that allow AXFR) and you put
in:
zone "." {
type slave;
file "named.root";
masters {
199.166.29.2; 213.196.2.97; 199.166.24.12; 195.206.104.13;
204.57.55.100};
};
--
[11] You must really read this.
http://logoff.org/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030126224956.K27492-100000>