John Horne <john.ho...@plymouth.ac.uk> said: > Hello, > > I noticed one of the root servers stats > ( http://stats.l.root-servers.org/cgi-bin/dsc-grapher.pl? window=604800&plot=qtype_vs_invalid_tld&server=L-root ) of queried invalid TLDs, as at the moment we have no 'local.' or 'lan.' zones configured. Hence, any such queries from us go out to the Internet (sorry). > > I gather that these zones are used by MS and MAC servers to some extent, > so I am wondering if it would be better to simply create an empty zone > or one with a wildcard in it? Or does it make any difference? (I have no > idea what the zones are used for.)
The "*.local" names are used by MacOS X as an implementation of the "DNS Service Discovery" (DNS-SD). I don't know anything special about the "lan" name. For MacOS X, if the system makes a query for something of the form "*.local", it does NOT go to a standard DNS server and the query is kept locally on the LAN. (DNS-SD queries are normally not routed, although they can be if you configure things that way.) Unless you are going to be performing queries for names of the form "*.local" or "*.lan", I wouldn't suggest configuring these zones on your server. The difference should be absolutely miniscule. > Whilst we have already configured zones for private (RFC 1918) zones, > and several other 'local' type forward and reverse zones, would it be > worth creating zones for 'belkin.', 'invalid.' and so on? Is that > something that others do? Again, why bother, unless you are using these types of names such that there would be legitimate queries for them. I don't believe this would be considered a "common practice". If you really are worried that you are going to be querying the root servers for these "invalid" names, you can alway simply watch for these DNS queries on your network. If you see a significant number of these queries, then you could try and set up zones to provide SOME type of answer for these queries. Or, you could spend the same amount of time tracking down the systems that are making these queries and fixing them at that end instead. > I came across the above web site of stats by accident, but can't seem to > find stats from other root servers. Anyone know if there are other stats > available? This information is nice but not critical to the operation of a DNS server. There are also papers available discussing improperly configured DNS servers and improper DNS queries and their impact on the root servers. A lot of good information of this manner can be found at www.dns-oarc.net. Bill Larson _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
