Discuss mailing list

[Simon <simon AT hacknix.net>]

On 01/08/13 00:31, Jeff Taylor wrote:
> Actually you were right the first time... You want to AXFR the root zone
> so you get a complete copy of it.  If you just query for NS records, you
> get a list of the accepted nameservers, but you don't have your own
> complete local copy of the zone.

Hi Jeff,

I think we're getting confused here. Let me explain my understanding and
I would appreciate it if you and others could comment if required.

To get a configuration similar to the standard ICANN setup with Bind but
using Opennic, you need to replace the standard root hints file with one
suitable for Opennic. The hints file is not supposed to contain a full
copy of the root zone, it is simply intended to provide enough
information (hints) to resolve the root zone directly from the root
servers. Therefore, adding this information to the root.hints file is
enough to get a basic nameserver working with Opennic. This information
can be obtained by using dig -t NS on the root ( . ) zone from one of
the Opennic nameservers.

However, if desired, we can take the configuration a step further and
add some zones to our config. If we decide to go this route, the minmum
we would add is this:


zone "." {
                type slave;
                file "opennic/root.db";
                masters { 75.127.96.89; };
                allow-transfer { any; };
                notify no;
};

zone "opennic.glue" IN{
                type slave;
                file "opennic/glue.db";
                masters { 75.127.96.89; };
                allow-transfer { any; };
                notify no;
};

Generally, if you have gone this far, you would then continue with
adding slave statements for the TLD's, thus:

zone "geek" IN{
                type slave;
                file "opennic/geek.db";
                masters { 202.83.95.229; };
                allow-transfer { any; };
                notify no;
};


... and so on for the other TLDs.


Comments anyone?


Simon