From owner-freebsd-stable Sun Jan 26 15:30:12 2003 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7B3DD37B401 for ; Sun, 26 Jan 2003 15:30:10 -0800 (PST) Received: from drugs.dv.isc.org (drugs.dv.isc.org [130.155.191.236]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0FAF443E4A for ; Sun, 26 Jan 2003 15:30:09 -0800 (PST) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.12.6/8.12.6) with ESMTP id h0QNU1EN056421; Mon, 27 Jan 2003 10:30:01 +1100 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200301262330.h0QNU1EN056421@drugs.dv.isc.org> To: Marc Schneiders Cc: freebsd-stable@FreeBSD.ORG From: Mark.Andrews@isc.org Subject: Re: 4.7-R-p3: j.root-servers.net In-reply-to: Your message of "Sun, 26 Jan 2003 23:48:00 BST." <20030126224956.K27492-100000@voo.doo.net> Date: Mon, 27 Jan 2003 10:30:01 +1100 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Sun, 26 Jan 2003, at 14:08 [=GMT+0100], Hanspeter Roth wrote: > > On Jan 25 at 14:25, Kevin Oberman spoke: > > > > Date: Sat, 25 Jan 2003 23:17:25 +0100 > > > > From: Hanspeter Roth > > > > If you want to get a new version at any time, just issue the command: > > > dig ns . @b.root-servers.net. > /etc/named/named.root (or wherever > > > your named.conf tells it to look > ). > > > > Ok. I'll create a job as I have to update the instance in > > /var/named/namedb anyway. > > A more permanent solution is to run secondary for root. This has > several advantages. One being speed. The root data will be on your > machine and automatically refreshed every 30 minutes (only when there > are changes, so no useless traffic) by AXFR. If there is another DDoS > attack on the root-servers, you won't suffer from it, for you have the > data yourself. And they don't change much. > > To do this replace in named.conf: > > zone "." { > type hint; > file "named.root"; > }; > > by this: > > zone "." { type slave; > file "named.root"; > masters { > 128.9.0.107; 192.33.4.12; 192.5.5.241}; > }; > > The 3 IP numbers are from b, c, and f.root-servers.net, which do allow > an AXFR of the root-zone. The other root-servers don't. > > If you care for alternative, extra domains, you replace the IP > numbers indicated by ORSC root-servers (that allow AXFR) and you put > in: > > zone "." { > type slave; > file "named.root"; > masters { > 199.166.29.2; 213.196.2.97; 199.166.24.12; 195.206.104.13; > 204.57.55.100}; > }; > > -- > [11] You must really read this. > http://logoff.org/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message If you have to do this then please, please, please specify "notify no;". The root servers don't need millions of additional notify requests. Mark -- Mark Andrews, Internet Software Consortium 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews@isc.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message