From owner-freebsd-ports@freebsd.org Sun Apr 16 13:29:47 2017 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7C8AAD4013D for ; Sun, 16 Apr 2017 13:29:47 +0000 (UTC) (envelope-from george+freebsd@m5p.com) Received: from mailman.ysv.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 5CB73F09 for ; Sun, 16 Apr 2017 13:29:47 +0000 (UTC) (envelope-from george+freebsd@m5p.com) Received: by mailman.ysv.freebsd.org (Postfix) id 594CDD4013B; Sun, 16 Apr 2017 13:29:47 +0000 (UTC) Delivered-To: ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5741AD4013A for ; Sun, 16 Apr 2017 13:29:47 +0000 (UTC) (envelope-from george+freebsd@m5p.com) Received: from mailhost.m5p.com (mailhost.m5p.com [IPv6:2001:418:3fd::f7]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "m5p.com", Issuer "Let's Encrypt Authority X3" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 16BB8F07; Sun, 16 Apr 2017 13:29:46 +0000 (UTC) (envelope-from george+freebsd@m5p.com) Received: from [IPv6:2001:418:3fd::1f] (haymarket.m5p.com [IPv6:2001:418:3fd::1f]) by mailhost.m5p.com (8.15.2/8.15.2) with ESMTP id v3GDTdNB028370; Sun, 16 Apr 2017 09:29:44 -0400 (EDT) (envelope-from george+freebsd@m5p.com) Subject: Re: default named.conf in bind ports and slaving from f-root To: Thomas Steen Rasmussen , ports@freebsd.org References: <85573e9f-c0e7-1e30-6f95-2fec13e0ac26@gibfest.dk> Cc: mat@freebsd.org, Kevin Oberman From: George Mitchell Message-ID: <44960392-52ad-f484-8ffa-7decf847a5ad@m5p.com> Date: Sun, 16 Apr 2017 09:29:33 -0400 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="eBB7VrX2PL37Nel0RVJgASK0w4RhH8VPG" X-Spam-Status: No, score=-1.0 required=10.0 tests=ALL_TRUSTED, RP_MATCHES_RCVD autolearn=unavailable autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mattapan.m5p.com X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.1 (mailhost.m5p.com [IPv6:2001:418:3fd::f7]); Sun, 16 Apr 2017 09:29:45 -0400 (EDT) X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Apr 2017 13:29:47 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --eBB7VrX2PL37Nel0RVJgASK0w4RhH8VPG Content-Type: multipart/mixed; boundary="sJHpGTtNUSwn16rnTGIGN6DE0XXRPs6nO"; protected-headers="v1" From: George Mitchell To: Thomas Steen Rasmussen , ports@freebsd.org Cc: mat@freebsd.org, Kevin Oberman Message-ID: <44960392-52ad-f484-8ffa-7decf847a5ad@m5p.com> Subject: Re: default named.conf in bind ports and slaving from f-root References: <85573e9f-c0e7-1e30-6f95-2fec13e0ac26@gibfest.dk> In-Reply-To: --sJHpGTtNUSwn16rnTGIGN6DE0XXRPs6nO Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 04/16/17 05:30, Thomas Steen Rasmussen wrote: > On 04/16/2017 04:02 AM, George Mitchell wrote: >> On 04/14/17 08:37, Thomas Steen Rasmussen wrote: >>> Hello, >>> >>> Cloudflare deployed a bunch (74 apparently) of new f-root dns >>> servers, which do not permit AXFR like the other f-root instances >>> do. >>> [...] >>> A good alternative could be to change named.conf to use >>> lax.xfr.dns.icann.org and iad.xfr.dns.icann.org as >>> described in [2]. My named.conf now looks like this: >>> [...] >> Does this issue affect me if I use type "hint" for zone "." like this:= >> >> zone "." { type hint; file "/usr/local/etc/namedb/named.root"; }; >> >> -- George >> > Hello, >=20 > Someone else already responded, but for the record: No, > it does not. Slaving the root zone is an alternative to using > the hints file. The advantage is that the data is always > uptodate. The disadvantage is stuff like this, obviously. > [...] Thank you, Kevin and Thomas, for confirming what I already suspected was the case. -- George --sJHpGTtNUSwn16rnTGIGN6DE0XXRPs6nO-- --eBB7VrX2PL37Nel0RVJgASK0w4RhH8VPG Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEENdM4ZHktsJW5kKZXwRES3m+p4fkFAljzccMACgkQwRES3m+p 4fl+PxAAjdMAbfJWKgoNECJPUCH6zep4hzSWVBrMeYHwVVlqCr/DZ5/IMx3cIXnl M79xkhbof7iCINd9eKpeNYlcQ9j+cQZizAR1ErtftGvHL3EcLGkxEExH1VlWvppK MACPMtdxRdQZMmcDNRaz2TXFpVj+fggh1ix2vh0afrCx1FmZL7ni9Y8wmQXSlTGL NzEQ6n2mi2BSm4vAEc6rvWnhdOudo6GhbooyX1n6qR/mWqQ1opLwQgB7J7BzKobL Z0oIfF/uybbxACCUMJEQg/pMA2l/QNlIeFMJo+Wt6fYa63THzBMhHNLRhxS31SQO y83JLxFde82PauRiecncBnRE6XB6QkbwpdpAowo4pH/1owjTXKipjjWr6pZhN6YX FpQfOE2OowKZGo+/8S6YSdg26CZFLSfsbQ1YAWyYrhcF8u5WZSYAK/b4FvR5ynyV pO9kj28pup0qDO0Z1hphkXXSlhdSpW0VxhwwVN/+h34LNLFNX9tDROWYH0S3LQiu 186w2bZptNQXLKJ8wdwao3Rr1FUlHT8y3naark45tvLAZibGO1/84JexsH/fNGhV Hq6Z6PKS8LgtlIFXM88KNT50xZR4+WDs7QUlUhK2Tx4NSTcQ+j8vaOUo+/ZdF5Lc 9xlenlmQGz7r0DpYFvoQ6sc6TG5cdbMZzGZzHJRe6i/p7CQDtzE= =6sdp -----END PGP SIGNATURE----- --eBB7VrX2PL37Nel0RVJgASK0w4RhH8VPG--