On 02/14/2013 12:47 PM, Reindl Harald wrote:
Am 14.02.2013 18:37, schrieb Robert Moskowitz:
On 02/14/2013 12:29 PM, Paul Heinlein wrote:
On Thu, 14 Feb 2013, Robert Moskowitz wrote:
Over on the bind-users@lists.isc.org list, I am in a discussion about building the named.zone file, as Centos 6.3 does not provide it. It DOES provide a named.ca which is already old (wrt AAAA records) compared to the named.zone provided by internic.
A few contributors have stated that now the hints are built into bind and you can see this with:
strings /usr/local/sbin/named | grep A.ROOT-SERVERS.NET
Well it looks like Centos has it at /usr/sbin/named and there are no such strings in there. Oh, these hints come from "lib/dns/rootns.c in the source code tree".
So are the hints built in here?
See /var/named/named.ca (also visible in /var/named/chroot/var/named).
Yes. I know about that. But as I said, the discussion is that this is no longer needed as the hints are now built into bind if no explicit hint is provided. I am asking if the above stub is included in the Redhat/Centos build. It does not seem so.
and even if - how would this be updated without the need for a security fix since otherwise there are no updates in RHEL
Oh, I have checked and eventhough we are stuck at ver 9.8.2, we are current on security patches per the alerts listed by isc. So our 9.8.2 is NOT quite 9.8.2....
ftp://ftp.internic.net/domain/named.cache and update /var/named/chroot/var/named/named.ca with it is the way to go
-
Robert Moskowitz