On 10/12/2024 12:25, Greg Choules via bind-users wrote:
Actually you don't need it anyway, even if you are doing recursion, as Internet root hints have been built into BIND for many years. The only reason you would need a hint zone is to define custom roots for a private network that is *completely* isolated from the Internet. Your corporate network does not meet that criterion because your corporate DNS servers will be answering names from the Internet. Therefore, lose the hint zone.
The only consideration here is that every so often a change might be made to the root DNS servers, and based on past experience it has taken many months for the compiled-in list of root servers within BIND to be updated, which results in warnings being logged by BIND. Having a hint file allows you to update that file - either manually or by upgrading a distro package (e.g. "dns-root-data" on Ubuntu) - to eliminate those warnings.
Nick. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
