Discuss mailing list

[Waqas Ashraf <waqas281 AT gmail.com>]

Reason I had asked that if I can check to see if I'm only going through 
opennic root servers rather then ICANN is because I was thinking about all 
the filtering that happens on ISP side of anything you search where they 
might deem something not safe for you and decide for you you don't need to 
know. So I was wondering if I could entirely bypass their root zone complete 
and go through only OPennic. I don't if it make sense to anyone maybe I 
should think more on it and rewrite what I'm trying to say. 

Sent from my iPhone

On Jan 8, 2013, at 3:56 AM, Simon <simon AT hacknix.net> wrote:

> On 01/08/13 00:31, Jeff Taylor wrote:
>> Actually you were right the first time... You want to AXFR the root zone
>> so you get a complete copy of it.  If you just query for NS records, you
>> get a list of the accepted nameservers, but you don't have your own
>> complete local copy of the zone.
> 
> Hi Jeff,
> 
> I think we're getting confused here. Let me explain my understanding and
> I would appreciate it if you and others could comment if required.
> 
> To get a configuration similar to the standard ICANN setup with Bind but
> using Opennic, you need to replace the standard root hints file with one
> suitable for Opennic. The hints file is not supposed to contain a full
> copy of the root zone, it is simply intended to provide enough
> information (hints) to resolve the root zone directly from the root
> servers. Therefore, adding this information to the root.hints file is
> enough to get a basic nameserver working with Opennic. This information
> can be obtained by using dig -t NS on the root ( . ) zone from one of
> the Opennic nameservers.
> 
> However, if desired, we can take the configuration a step further and
> add some zones to our config. If we decide to go this route, the minmum
> we would add is this:
> 
> 
> zone "." {
>                type slave;
>                file "opennic/root.db";
>                masters { 75.127.96.89; };
>                allow-transfer { any; };
>                notify no;
> };
> 
> zone "opennic.glue" IN{
>                type slave;
>                file "opennic/glue.db";
>                masters { 75.127.96.89; };
>                allow-transfer { any; };
>                notify no;
> };
> 
> Generally, if you have gone this far, you would then continue with
> adding slave statements for the TLD's, thus:
> 
> zone "geek" IN{
>                type slave;
>                file "opennic/geek.db";
>                masters { 202.83.95.229; };
>                allow-transfer { any; };
>                notify no;
> };
> 
> 
> ... and so on for the other TLDs.
> 
> 
> Comments anyone?
> 
> 
> Simon
> 
> 
> 
> --------
> You are a member of the OpenNIC Discuss list. 
> You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org