On 02/14/2013 12:47 PM, Reindl Harald wrote: > > Am 14.02.2013 18:37, schrieb Robert Moskowitz: >> On 02/14/2013 12:29 PM, Paul Heinlein wrote: >>> On Thu, 14 Feb 2013, Robert Moskowitz wrote: >>> >>>> Over on the bind-users at lists.isc.org list, I am in a discussion about >>>> building the named.zone file, as Centos 6.3 does not provide it. It >>>> DOES provide a named.ca which is already old (wrt AAAA records) compared >>>> to the named.zone provided by internic. >>>> >>>> A few contributors have stated that now the hints are built into bind >>>> and you can see this with: >>>> >>>> strings /usr/local/sbin/named | grep A.ROOT-SERVERS.NET >>>> >>>> Well it looks like Centos has it at /usr/sbin/named and there are no >>>> such strings in there. Oh, these hints come from "lib/dns/rootns.c in >>>> the source code tree". >>>> >>>> So are the hints built in here? >>> See /var/named/named.ca (also visible in /var/named/chroot/var/named). >> Yes. I know about that. But as I said, the discussion is that this is >> no longer needed as the hints are now built into bind if no explicit >> hint is provided. I am asking if the above stub is included in the >> Redhat/Centos build. It does not seem so. > and even if - how would this be updated without the need > for a security fix since otherwise there are no updates > in RHEL Oh, I have checked and eventhough we are stuck at ver 9.8.2, we are current on security patches per the alerts listed by isc. So our 9.8.2 is NOT quite 9.8.2.... > > ftp://ftp.internic.net/domain/named.cache and update > /var/named/chroot/var/named/named.ca with it is the > way to go >