From owner-freebsd-stable Sun Jan 26 14:48:12 2003 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F390637B401 for ; Sun, 26 Jan 2003 14:48:10 -0800 (PST) Received: from voo.doo.net (voo.doo.net [81.17.45.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9099F43F3F for ; Sun, 26 Jan 2003 14:48:09 -0800 (PST) (envelope-from marc@schneiders.org) Received: from localhost (localhost [127.0.0.1]) by voo.doo.net (8.12.6/8.12.6) with ESMTP id h0QMm16Z027775 for ; Sun, 26 Jan 2003 23:48:02 +0100 (CET) (envelope-from marc@schneiders.org) Date: Sun, 26 Jan 2003 23:48:00 +0100 (CET) From: Marc Schneiders X-X-Sender: To: Subject: Re: 4.7-R-p3: j.root-servers.net In-Reply-To: <20030126130837.GA399@gicco.homeip.net> Message-ID: <20030126224956.K27492-100000@voo.doo.net> X-Preferred-email-to: marc@schneiders.org X-Other-email-to: marc@venster.nl X-Organization: Venster (Zeist - NL) X-URL: http://www.bijt.net/ X-SOA: A.ROOT-SERVERS.ORSC. X-OS: FreeBSD: The Power to Serve MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, 26 Jan 2003, at 14:08 [=GMT+0100], Hanspeter Roth wrote: > On Jan 25 at 14:25, Kevin Oberman spoke: > > > Date: Sat, 25 Jan 2003 23:17:25 +0100 > > > From: Hanspeter Roth > > If you want to get a new version at any time, just issue the command: > > dig ns . @b.root-servers.net. > /etc/named/named.root (or wherever > > your named.conf tells it to look). > > Ok. I'll create a job as I have to update the instance in > /var/named/namedb anyway. A more permanent solution is to run secondary for root. This has several advantages. One being speed. The root data will be on your machine and automatically refreshed every 30 minutes (only when there are changes, so no useless traffic) by AXFR. If there is another DDoS attack on the root-servers, you won't suffer from it, for you have the data yourself. And they don't change much. To do this replace in named.conf: zone "." { type hint; file "named.root"; }; by this: zone "." { type slave; file "named.root"; masters { 128.9.0.107; 192.33.4.12; 192.5.5.241}; }; The 3 IP numbers are from b, c, and f.root-servers.net, which do allow an AXFR of the root-zone. The other root-servers don't. If you care for alternative, extra domains, you replace the IP numbers indicated by ORSC root-servers (that allow AXFR) and you put in: zone "." { type slave; file "named.root"; masters { 199.166.29.2; 213.196.2.97; 199.166.24.12; 195.206.104.13; 204.57.55.100}; }; -- [11] You must really read this. http://logoff.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message