> On Wed, Dec 19, 2007 at 11:36:34AM +1100, Mark Andrews wrote:
> > The problem is getting the AAAA records for them published.
> > A local copy of "root-servers.net" with the AAAA records
> > added will suffice. "www.root-servers.org" will supply
> > you with the necessary information to construct such a
> > zone.
>
> Ok, so I'm sure this is a REALLY dumb question, but what has prevented
> anyone from taking the information from www.root-servers.org and
> creating a named.boot file with both the A and AAAA records for the
> root nameservers, and started telling people to install it?

named.boot is not used after the priming succeeds.

I override the data using zones.

    zone "b.root-servers.net" {
            type master;
            file "master/b.root-servers.net";
            notify no;
            allow-query { localhost; };
    };

    zone "f.root-servers.net" {
            type master;
            file "master/f.root-servers.net";
            notify no;
            allow-query { localhost; };
    };

    zone "h.root-servers.net" {
            type master;
            file "master/h.root-servers.net";
            notify no;
            allow-query { localhost; };
    };

    zone "k.root-servers.net" {
            type master;
            file "master/k.root-servers.net";
            notify no;
            allow-query { localhost; };
    };

    zone "m.root-servers.net" {
            type master;
            file "master/m.root-servers.net";
            notify no;
            allow-query { localhost; };
    };

Which results in output like this.

; <<>> DiG 9.3.4-P1 <<>> ns .
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5807
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 10
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 431596 IN NS D.ROOT-SERVERS.NET.
. 431596 IN NS A.ROOT-SERVERS.NET.
. 431596 IN NS J.ROOT-SERVERS.NET.
. 431596 IN NS G.ROOT-SERVERS.NET.
. 431596 IN NS H.ROOT-SERVERS.NET.
. 431596 IN NS C.ROOT-SERVERS.NET.
. 431596 IN NS K.ROOT-SERVERS.NET.
. 431596 IN NS E.ROOT-SERVERS.NET.
. 431596 IN NS I.ROOT-SERVERS.NET.
. 431596 IN NS B.ROOT-SERVERS.NET.
. 431596 IN NS L.ROOT-SERVERS.NET.
. 431596 IN NS F.ROOT-SERVERS.NET.
. 431596 IN NS M.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
B.ROOT-SERVERS.NET. 3600 IN A 192.228.79.201
K.ROOT-SERVERS.NET. 3600 IN A 193.0.14.129
F.ROOT-SERVERS.NET. 3600 IN A 192.5.5.241
H.ROOT-SERVERS.NET. 3600 IN A 128.63.2.53
M.ROOT-SERVERS.NET. 3600 IN A 202.12.27.33
B.ROOT-SERVERS.NET. 3600 IN AAAA 2001:478:65::53
K.ROOT-SERVERS.NET. 3600 IN AAAA 2001:7fd::1
F.ROOT-SERVERS.NET. 3600 IN AAAA 2001:500::1035
H.ROOT-SERVERS.NET. 3600 IN AAAA 2001:500:1::803f:235
M.ROOT-SERVERS.NET. 3600 IN AAAA 2001:dc3::35
;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Dec 19 14:18:40 2007
;; MSG SIZE rcvd: 448
> Would there be a downside if, say, the Ubuntu and Fedora Linux
> distributions started shipping a /etc/bind/db.root file that included
> the AAAA records for the root name servers? Are the IPv6 addresses
> stable enough that it would be a good thing to get them widely
> installed in thousands if not millions of machines all over the
> Internet? Because if they are suitably stable, it wouldn't be that
> hard to arrange....

I would *not* recommend distributions doing this.
This is a "do this if you know what you are doing" activity
and you accept the risks.

e.g. you need to actually track address changes etc.

Mark

> - Ted
>
> _______________________________________________
> Ietf mailing list
> [email protected]
> https://www1.ietf.org/mailman/listinfo/ietf
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED]
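
Added example, not part of the original message: a drift check for the "track address changes" risk of pinning root-server addresses in local override zones. PINNED holds B and K records from the dig output above; REFERENCE is constructed sample data standing in for a freshly fetched hints file, and the function names are hypothetical.

```python
import ipaddress

# Records pinned in the local override zones (B and K, from the dig output above).
PINNED = """\
B.ROOT-SERVERS.NET. 3600 IN A 192.228.79.201
K.ROOT-SERVERS.NET. 3600 IN A 193.0.14.129
B.ROOT-SERVERS.NET. 3600 IN AAAA 2001:478:65::53
K.ROOT-SERVERS.NET. 3600 IN AAAA 2001:7fd::1
"""

# Constructed reference data (assumption), standing in for a fresh hints file.
# B's addresses use documentation ranges to simulate a renumbering.
REFERENCE = """\
; constructed sample, not real root hints
b.root-servers.net. 3600000 IN A 192.0.2.53
b.root-servers.net. 3600000 IN AAAA 2001:db8::53
k.root-servers.net. 3600000 A 193.0.14.129
k.root-servers.net. 3600000 AAAA 2001:7FD:0:0:0:0:0:1
"""

def parse_addresses(text):
    """Return {(owner, rrtype): set of addresses} from zone-style A/AAAA lines."""
    records = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments, then tokenise
        if len(fields) < 3 or fields[-2].upper() not in ("A", "AAAA"):
            continue                             # blank, NS, or other record types
        owner = fields[0].lower().rstrip(".")    # owner names are case-insensitive
        # ip_address() canonicalises, so 2001:7FD:0:0:0:0:0:1 equals 2001:7fd::1
        addr = ipaddress.ip_address(fields[-1])
        records.setdefault((owner, fields[-2].upper()), set()).add(addr)
    return records

def find_drift(pinned_text, reference_text):
    """List pinned RRsets that differ from, or are missing in, the reference."""
    pinned = parse_addresses(pinned_text)
    reference = parse_addresses(reference_text)
    drift = []
    for key in sorted(pinned):
        current = reference.get(key, set())
        if pinned[key] != current:
            drift.append((key[0], key[1],
                          sorted(map(str, pinned[key])),
                          sorted(map(str, current))))
    return drift

if __name__ == "__main__":
    for owner, rrtype, have, want in find_drift(PINNED, REFERENCE):
        print(f"STALE {owner} {rrtype}: pinned {have}, reference {want}")
```

Because the type and address are read from the last two fields, the parser accepts lines with or without the IN class, so it works on both master-file records and hints-file style records.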