On 02/14/2013 12:47 PM, Reindl Harald wrote: > > Am 14.02.2013 18:37, schrieb Robert Moskowitz: >> On 02/14/2013 12:29 PM, Paul Heinlein wrote: >>> On Thu, 14 Feb 2013, Robert Moskowitz wrote: >>> >>>> Over on the bind-users@xxxxxxxxxxxxx list, I am in a discussion about >>>> building the named.zone file, as Centos 6.3 does not provide it. It >>>> DOES provide a named.ca which is already old (wrt AAAA records) compared >>>> to the named.zone provided by internic. >>>> >>>> A few contributors have stated that now the hints are built into bind >>>> and you can see this with: >>>> >>>> strings /usr/local/sbin/named | grep A.ROOT-SERVERS.NET >>>> >>>> Well it looks like Centos has it at /usr/sbin/named and there are no >>>> such strings in there. Oh, these hints come from "lib/dns/rootns.c in >>>> the source code tree". >>>> >>>> So are the hints built in here? >>> See /var/named/named.ca (also visible in /var/named/chroot/var/named). >> Yes. I know about that. But as I said, the discussion is that this is >> no longer needed as the hints are now built into bind if no explicit >> hint is provided. I am asking if the above stub is included in the >> Redhat/Centos build. It does not seem so. > and even if - how would this be updated without the need > for a security fix since otherwise there are no updates > in RHEL I asked this on the bind-users list, as AAAA records are slowly being added to each root, and got back: "No need to worry. They are only hints, and named uses them to get the current list of root name servers at startup. Even if they are 15 years out of date it will still work, because the root name servers do not change very often." So take that with whatever size of salt grain you prefer. > > ftp://ftp.internic.net/domain/named.cache and update > /var/named/chroot/var/named/named.ca with it is the > way to go What I am doing. But so far something is not set right, as I am not getting responses back, but I think I know why and it is a grrr moment. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos