Replacing BIND with unbound
Doug Barton
dougb at FreeBSD.org
Mon Jul 9 20:58:43 UTC 2012
On 07/09/2012 06:36, Dag-Erling Smørgrav wrote:
> Matt Dawson <matt at chronos.org.uk> writes:
>> TBH, even having the root zone in base is a bit daft.
>
> The root zone we ship is a hint used to bootstrap named. Without it,
> named is a brick, unless all you want is an authoritative-only
> nameserver.
The hints file is not actually the root zone, it's a list of name
servers and IP addresses. Without it, named would still be able to
bootstrap since they long ago included that information in the source.
> All named does with that hint file is use it to locate a
> root server from which it can obtain a fresh copy of the root zone.
This is accurate, and it's worth pointing out that you only need to
reach one working server to bootstrap, and the change rate for the
existing server addresses is anywhere from years to decades.
hth,
Doug
--
This .signature sanitized for your protection
More information about the freebsd-security
mailing list