L-Root IPv6 address renumbering
wouter at nlnetlabs.nl
Thu Mar 17 08:40:52 UTC 2016
On 17/03/16 05:55, Dave Warren via Unbound-users wrote:
> On 2016-03-16 14:06, Robert Edmonds via Unbound-users wrote:
>> Dave Warren via Unbound-users wrote:
>> This is a good point, it doesn't really matter for the distro user, I
> I may be wrong, but for those who take the time and effort to build
> their own Unbound, I see them either using a root.hints file because
> they know what they're doing, or not because they've never heard of it
> (or because they know what they're doing)
The simple solution, set a root-hints: "/usr/share/dns/root.hints" file
in unbound.conf; or as a drop-in file in /etc/unbound.conf.d/*.conf if
you have that. And then keep that file up to date?
The defaults are for people that don't have a file around, but if you
want to maintain it, use the root-hints file.
If you want more complicated decisions around the file; having a script
that makes symlinks one way or the other or something along those lines
is something you can cobble together.
But I think just setting the configuration option for root-hints in
unbound.conf is probably just what you want? Do you still need to be
able to set a default value for the root-hints file location, or is it
just as good to set it in unbound.conf (or unbound.conf.d/ drop-file) ?
Best regards, Wouter
> I'm sure there's some small group that will create one and abandon it,
> but I just can't imagine that this type would remember to manually
> update the binary.
>> I agree, the consequences are extremely mild in the first place. We
>> still go to the trouble of backporting the root hint updates, though.
> I agree that it's worth doing, but the keep-it-simple of just reading
> the configured file or not seems like it's more valuable than guessing
> at whether the file should be used or ignored. Also, the principle of
> least surprise, a user will expect that the file will be used or not.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the Unbound-users