[Midnightbsd-cvs] src: etc/namedb: Update for bind 9.4.2.
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Mon Apr 28 01:33:24 EDT 2008
Log Message:
-----------
Update for bind 9.4.2.
Update the root servers list (some have ipv6 addresses now)
Follow a similar approach to FreeBSD 7.x
Modified Files:
--------------
src/etc/namedb:
Makefile (r1.2 -> r1.3)
named.conf (r1.2 -> r1.3)
named.root (r1.2 -> r1.3)
Added Files:
-----------
src/etc/namedb/master:
Makefile (r1.1)
empty.db (r1.1)
localhost-forward.db (r1.1)
localhost-reverse.db (r1.1)
Removed Files:
-------------
src/etc/namedb:
PROTO.localhost-v6.rev
PROTO.localhost.rev
make-localhost
-------------- next part --------------
--- etc/namedb/make-localhost
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-#
-# $MidnightBSD: src/etc/namedb/make-localhost,v 1.2 2006/08/28 01:35:55 laffer1 Exp $
-# $FreeBSD: src/etc/namedb/make-localhost,v 1.7 2004/09/28 09:46:00 dougb Exp $
-#
-# make-localhost - edit the appropriate local information into
-# /etc/namedb/localhost.rev
-#
-
-PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin
-export PATH
-
-if [ "`hostname -s`" != "`hostname`" ]; then
- # hostname must contain domain
-
- host=`hostname -s`
- fullhost=`hostname`
- domain=`echo $fullhost | sed "s/^$host\.//"`
-else
- host=`hostname`
-
- if [ -z "$1" ]; then
- echo -n 'Enter your domain name: '
- read domain
- else
- domain="$1"
- fi
-
- # strip trailing dot, if any
- domain=`echo $domain | sed 's/\.$//'`
- fullhost="$host.$domain"
-fi
-
-date=`date +"%Y%m%d"`
-
-mkdir -p master
-
-mv -f master/localhost-v6.rev master/localhost-v6.rev.BAK 2>/dev/null
-
-sed -e "s/@host@/$fullhost/g" \
- -e "s/@domain@/$domain/g" \
- -e "s/@date@/$date/g" \
- < PROTO.localhost-v6.rev > master/localhost-v6.rev
-
-mv -f master/localhost.rev master/localhost.rev.BAK 2>/dev/null
-
-exec sed -e "s/@host@/$fullhost/g" \
- -e "s/@domain@/$domain/g" \
- -e "s/@date@/$date/g" \
- < PROTO.localhost.rev > master/localhost.rev
Index: named.conf
===================================================================
RCS file: /home/cvs/src/etc/namedb/named.conf,v
retrieving revision 1.2
retrieving revision 1.3
diff -L etc/namedb/named.conf -L etc/namedb/named.conf -u -r1.2 -r1.3
--- etc/namedb/named.conf
+++ etc/namedb/named.conf
@@ -1,5 +1,5 @@
// $MidnightBSD$
-// $FreeBSD: src/etc/namedb/named.conf,v 1.21.2.1 2005/09/10 08:27:27 dougb Exp $
+// $FreeBSD: src/etc/namedb/named.conf,v 1.26.4.1 2008/01/13 20:48:23 dougb Exp $
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
@@ -10,6 +10,7 @@
// or cause huge amounts of useless Internet traffic.
options {
+ // Relative to the chroot directory, if any
directory "/etc/namedb";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
@@ -25,11 +26,17 @@
// an IPv6 address, or the keyword "any".
// listen-on-v6 { ::1; };
+// These zones are already covered by the empty zones listed below.
+// If you remove the related empty zones below, comment these lines out.
+ disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
+ disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
+ disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
+
// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
-// forward only;
+// forward only;
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below. This will make you
@@ -53,21 +60,168 @@
// first in your /etc/resolv.conf so this server will be queried.
// Also, make sure to enable it in /etc/rc.conf.
+// The traditional root hints mechanism. Use this, OR the slave zones below.
+zone "." { type hint; file "named.root"; };
+
+/* Slaving the following zones from the root name servers has some
+ significant advantages:
+ 1. Faster local resolution for your users
+ 2. No spurious traffic will be sent from your network to the roots
+ 3. Greater resilience to any potential root server failure/DDoS
+
+ On the other hand, this method requires more monitoring than the
+ hints file to be sure that an unexpected failure mode has not
+ incapacitated your server. Name servers that are serving a lot
+ of clients will benefit more from this approach than individual
+ hosts. Use with caution.
+
+ To use this mechanism, uncomment the entries below, and comment
+ the hint zone above.
+*/
+/*
zone "." {
- type hint;
- file "named.root";
+ type slave;
+ file "slave/root.slave";
+ masters {
+ 192.5.5.241; // F.ROOT-SERVERS.NET.
+ };
+ notify no;
};
-
-zone "0.0.127.IN-ADDR.ARPA" {
- type master;
- file "master/localhost.rev";
+zone "arpa" {
+ type slave;
+ file "slave/arpa.slave";
+ masters {
+ 192.5.5.241; // F.ROOT-SERVERS.NET.
+ };
+ notify no;
};
-
-// RFC 3152
-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA" {
- type master;
- file "master/localhost-v6.rev";
+zone "in-addr.arpa" {
+ type slave;
+ file "slave/in-addr.arpa.slave";
+ masters {
+ 192.5.5.241; // F.ROOT-SERVERS.NET.
+ };
+ notify no;
};
+*/
+
+/* Serving the following zones locally will prevent any queries
+ for these zones leaving your network and going to the root
+ name servers. This has two significant advantages:
+ 1. Faster local resolution for your users
+ 2. No spurious traffic will be sent from your network to the roots
+*/
+// RFC 1912
+zone "localhost" { type master; file "master/localhost-forward.db"; };
+zone "127.in-addr.arpa" { type master; file "master/localhost-reverse.db"; };
+zone "255.in-addr.arpa" { type master; file "master/empty.db"; };
+
+// RFC 1912-style zone for IPv6 localhost address
+zone "0.ip6.arpa" { type master; file "master/localhost-reverse.db"; };
+
+// "This" Network (RFCs 1912 and 3330)
+zone "0.in-addr.arpa" { type master; file "master/empty.db"; };
+
+// Private Use Networks (RFC 1918)
+zone "10.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "16.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "17.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "18.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "19.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "20.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "21.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "22.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "23.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "24.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "25.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "26.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "27.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "28.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "29.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "30.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "31.172.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "168.192.in-addr.arpa" { type master; file "master/empty.db"; };
+
+// Link-local/APIPA (RFCs 3330 and 3927)
+zone "254.169.in-addr.arpa" { type master; file "master/empty.db"; };
+
+// TEST-NET for Documentation (RFC 3330)
+zone "2.0.192.in-addr.arpa" { type master; file "master/empty.db"; };
+
+// Router Benchmark Testing (RFC 3330)
+zone "18.198.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "19.198.in-addr.arpa" { type master; file "master/empty.db"; };
+
+// IANA Reserved - Old Class E Space
+zone "240.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "241.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "242.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "243.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "244.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "245.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "246.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "247.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "248.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "249.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "250.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "251.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "252.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "253.in-addr.arpa" { type master; file "master/empty.db"; };
+zone "254.in-addr.arpa" { type master; file "master/empty.db"; };
+
+// IPv6 Unassigned Addresses (RFC 4291)
+zone "1.ip6.arpa" { type master; file "master/empty.db"; };
+zone "3.ip6.arpa" { type master; file "master/empty.db"; };
+zone "4.ip6.arpa" { type master; file "master/empty.db"; };
+zone "5.ip6.arpa" { type master; file "master/empty.db"; };
+zone "6.ip6.arpa" { type master; file "master/empty.db"; };
+zone "7.ip6.arpa" { type master; file "master/empty.db"; };
+zone "8.ip6.arpa" { type master; file "master/empty.db"; };
+zone "9.ip6.arpa" { type master; file "master/empty.db"; };
+zone "a.ip6.arpa" { type master; file "master/empty.db"; };
+zone "b.ip6.arpa" { type master; file "master/empty.db"; };
+zone "c.ip6.arpa" { type master; file "master/empty.db"; };
+zone "d.ip6.arpa" { type master; file "master/empty.db"; };
+zone "e.ip6.arpa" { type master; file "master/empty.db"; };
+zone "0.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "1.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "2.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "3.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "4.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "5.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "6.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "7.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "8.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "9.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "a.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "b.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "0.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "1.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "2.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "3.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "4.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "5.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "6.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "7.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+
+// IPv6 ULA (RFC 4193)
+zone "c.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "d.f.ip6.arpa" { type master; file "master/empty.db"; };
+
+// IPv6 Link Local (RFC 4291)
+zone "8.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "9.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "a.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "b.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+
+// IPv6 Deprecated Site-Local Addresses (RFC 3879)
+zone "c.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "d.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "e.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+zone "f.e.f.ip6.arpa" { type master; file "master/empty.db"; };
+
+// IP6.INT is Deprecated (RFC 4159)
+zone "ip6.int" { type master; file "master/empty.db"; };
// NB: Do not use the IP addresses below, they are faked, and only
// serve demonstration/documentation purposes!
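Review bot: The RFC 1918 block (`10.in-addr.arpa`, `16.172` through `31.172.in-addr.arpa`, `168.192.in-addr.arpa`) is enabled by default as empty master zones, with no warning that this breaks reverse lookups for sites that keep real PTR records for private addresses on an internal server. A locally served master zone takes precedence over any `forwarders` setting, so those lookups would start returning authoritative negative answers after the upgrade. I would add a comment above that block such as `// If you run reverse DNS for RFC 1918 space internally, remove the matching zones here and slave or forward them instead.` Separately, the commented-out slave example pulls `.`, `arpa` and `in-addr.arpa` from the single address 192.5.5.241; its comment could mention that the transfer is not authenticated and that one master is a single point of failure.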
@@ -75,30 +229,23 @@
// Example slave zone config entries. It can be convenient to become
// a slave at least for the zone your own domain is in. Ask
// your network administrator for the IP address of the responsible
-// primary.
+// master name server.
//
-// Never forget to include the reverse lookup (IN-ADDR.ARPA) zone!
-// (This is named after the first bytes of the IP address, in reverse
-// order, with ".IN-ADDR.ARPA" appended.)
-//
-// Before starting to set up a primary zone, make sure you fully
-// understand how DNS and BIND works. There are sometimes
-// non-obvious pitfalls. Setting up a slave zone is simpler.
+// Do not forget to include the reverse lookup zone!
+// This is named after the first bytes of the IP address, in reverse
+// order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6.
+//
+// Before starting to set up a master zone, make sure you fully
+// understand how DNS and BIND work. There are sometimes
+// non-obvious pitfalls. Setting up a slave zone is usually simpler.
//
// NB: Don't blindly enable the examples below. :-) Use actual names
// and addresses instead.
-/* An example master zone
-zone "example.net" {
- type master;
- file "master/example.net";
-};
-*/
-
/* An example dynamic zone
key "exampleorgkey" {
- algorithm hmac-md5;
- secret "sf87HJqjkqh8ac87a02lla==";
+ algorithm hmac-md5;
+ secret "sf87HJqjkqh8ac87a02lla==";
};
zone "example.org" {
type master;
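Review bot: The example `key "exampleorgkey"` block keeps a literal `secret` and `algorithm hmac-md5`, and the Makefile in this commit installs named.conf with `FILESMODE= 644`, so anyone who uncomments the example and pastes a real key into it leaves that key world-readable. I would replace the literal with an obvious placeholder and add a comment along the lines of `// Generate your own key; keep it in a separate file with restricted permissions and include it here.` Whether a stronger HMAC than MD5 is available depends on the BIND version shipped, which the hunk does not show. The `zone "example.org"` block continues past the end of this hunk.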
@@ -109,14 +256,7 @@
};
*/
-/* Examples of forward and reverse slave zones
-zone "example.com" {
- type slave;
- file "slave/example.com";
- masters {
- 192.168.1.1;
- };
-};
+/* Example of a slave reverse zone
zone "1.168.192.in-addr.arpa" {
type slave;
file "slave/1.168.192.in-addr.arpa";
Index: named.root
===================================================================
RCS file: /home/cvs/src/etc/namedb/named.root,v
retrieving revision 1.2
retrieving revision 1.3
diff -L etc/namedb/named.root -L etc/namedb/named.root -u -r1.2 -r1.3
--- etc/namedb/named.root
+++ etc/namedb/named.root
@@ -1,5 +1,6 @@
+;
; $MidnightBSD$
-; $FreeBSD: src/etc/namedb/named.root,v 1.12 2004/06/06 11:46:29 schweikh Exp $
+; $FreeBSD: src/etc/namedb/named.root,v 1.12.18.1.2.1 2008/02/07 20:55:42 dougb Exp $
;
; This file holds the information on root name servers needed to
@@ -13,14 +14,14 @@
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
-; last update: Jan 29, 2004
-; related version of root zone: 2004012900
-;
+; last update: Feb 04, 2008
+; related version of root zone: 2008020400
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
+A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30
;
; formerly NS1.ISI.EDU
;
@@ -46,6 +47,7 @@
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
+F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
;
; formerly NS.NIC.DDN.MIL
;
@@ -56,6 +58,7 @@
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
+H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235
;
; formerly NIC.NORDU.NET
;
@@ -66,19 +69,22 @@
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
+J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30
;
; operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
+K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
;
; operated by ICANN
;
. 3600000 NS L.ROOT-SERVERS.NET.
-L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
+L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
;
; operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
+M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
; End of File
--- etc/namedb/PROTO.localhost-v6.rev
+++ /dev/null
@@ -1,18 +0,0 @@
-; From: @(#)localhost.rev 5.1 (Berkeley) 6/30/90
-; $FreeBSD: src/etc/namedb/PROTO.localhost-v6.rev,v 1.1 2002/01/22 17:22:41 ume Exp $
-; $MidnightBSD: src/etc/namedb/PROTO.localhost-v6.rev,v 1.2 2006/08/28 01:35:55 laffer1 Exp $
-;
-; This file is automatically edited by the `make-localhost' script in
-; the /etc/namedb directory.
-;
-
-$TTL 3600
-
-@ IN SOA @host at . root. at host@. (
- @date@ ; Serial
- 3600 ; Refresh
- 900 ; Retry
- 3600000 ; Expire
- 3600 ) ; Minimum
- IN NS @host at .
- IN PTR localhost. at domain@.
Index: Makefile
===================================================================
RCS file: /home/cvs/src/etc/namedb/Makefile,v
retrieving revision 1.2
retrieving revision 1.3
diff -L etc/namedb/Makefile -L etc/namedb/Makefile -u -r1.2 -r1.3
--- etc/namedb/Makefile
+++ etc/namedb/Makefile
@@ -1,10 +1,12 @@
# $MidnightBSD$
-# $FreeBSD: src/etc/namedb/Makefile,v 1.4 2004/12/21 08:46:50 ru Exp $
+# $FreeBSD: src/etc/namedb/Makefile,v 1.5 2007/06/18 05:44:38 dougb Exp $
+
+SUBDIR= master
+
+FILES= named.conf named.root
-FILES= PROTO.localhost.rev PROTO.localhost-v6.rev named.conf named.root \
- make-localhost
NO_OBJ=
-FILESDIR= /etc/namedb
-FILESMODE= 644
+FILESDIR= /etc/namedb
+FILESMODE= 644
.include <bsd.prog.mk>
--- etc/namedb/PROTO.localhost.rev
+++ /dev/null
@@ -1,18 +0,0 @@
-; From: @(#)localhost.rev 5.1 (Berkeley) 6/30/90
-; $FreeBSD: src/etc/namedb/PROTO.localhost.rev,v 1.6 2000/01/10 15:31:40 peter Exp $
-; $MidnightBSD: src/etc/namedb/PROTO.localhost.rev,v 1.2 2006/08/28 01:35:55 laffer1 Exp $
-;
-; This file is automatically edited by the `make-localhost' script in
-; the /etc/namedb directory.
-;
-
-$TTL 3600
-
-@ IN SOA @host at . root. at host@. (
- @date@ ; Serial
- 3600 ; Refresh
- 900 ; Retry
- 3600000 ; Expire
- 3600 ) ; Minimum
- IN NS @host at .
-1 IN PTR localhost. at domain@.
--- /dev/null
+++ etc/namedb/master/empty.db
@@ -0,0 +1,12 @@
+
+; $MidnightBSD: src/etc/namedb/master/empty.db,v 1.1 2008/04/28 05:33:21 laffer1 Exp $
+; $FreeBSD: src/etc/namedb/master/empty.db,v 1.1 2007/06/18 05:58:23 dougb Exp $
+
+$TTL 3h
+@ SOA @ nobody.localhost. 42 1d 12h 1w 3h
+ ; Serial, Refresh, Retry, Expire, Neg. cache TTL
+
+@ NS @
+
+; Silence a BIND warning
+@ A 127.0.0.1
--- /dev/null
+++ etc/namedb/master/localhost-forward.db
@@ -0,0 +1,12 @@
+
+; $MidnightBSD: src/etc/namedb/master/localhost-forward.db,v 1.1 2008/04/28 05:33:21 laffer1 Exp $
+; $FreeBSD: src/etc/namedb/master/localhost-forward.db,v 1.1 2007/06/18 05:58:23 dougb Exp $
+
+$TTL 3h
+localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
+ ; Serial, Refresh, Retry, Expire, Neg. cache TTL
+
+ NS localhost.
+
+ A 127.0.0.1
+ AAAA ::1
--- /dev/null
+++ etc/namedb/master/localhost-reverse.db
@@ -0,0 +1,14 @@
+
+; $MidnightBSD: src/etc/namedb/master/localhost-reverse.db,v 1.1 2008/04/28 05:33:21 laffer1 Exp $
+; $FreeBSD: src/etc/namedb/master/localhost-reverse.db,v 1.1 2007/06/18 05:58:23 dougb Exp $
+
+$TTL 3h
+@ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
+ ; Serial, Refresh, Retry, Expire, Neg. cache TTL
+
+ NS localhost.
+
+1.0.0 PTR localhost.
+
+1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost.
+
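Review bot: This one file is loaded for both `127.in-addr.arpa` and `0.ip6.arpa` in named.conf, but nothing in it says so, and each PTR line is meaningful in only one of the two zones. `1.0.0` is the loopback entry under `127.in-addr.arpa`, and the long all-zero name is the `::1` entry under `0.ip6.arpa`; in the other zone each line only creates an unused name. A comment such as `; Shared by 127.in-addr.arpa (1.0.0) and 0.ip6.arpa (long name); the other record is harmless in each zone.` would stop a later editor from removing what looks like a stray record.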
--- /dev/null
+++ etc/namedb/master/Makefile
@@ -0,0 +1,10 @@
+# $MidnightBSD: src/etc/namedb/master/Makefile,v 1.1 2008/04/28 05:33:21 laffer1 Exp $
+# $FreeBSD: src/etc/namedb/master/Makefile,v 1.1 2007/06/18 05:44:38 dougb Exp $
+
+FILES= empty.db localhost-forward.db localhost-reverse.db
+
+NO_OBJ=
+FILESDIR= /etc/namedb/master
+FILESMODE= 644
+
+.include <bsd.prog.mk>