unbound sample config for RFC7706
nusenu
nusenu-lists at riseup.net
Fri Nov 30 10:59:00 UTC 2018
ѽ҉ᶬḳ℠ via Unbound-users:
> With hyperlocal (RFC7706) requiring the root zone DNS server ip addresses listed
please don't use the term "hyperlocal" (reasoning: Paul Hoffman - RFC7706bis author -
asked for not using it in the RFC7706 context at the last IETF103 DNSOP see the Q&A section of his
presentation https://www.youtube.com/watch?v=g0Sz7gziUW0&feature=youtu.be&t=5015 )
> as master in auth-zone and since this information is already provided (and
> automatically updated) in root-hints would it not make sense to utilise it for
> RFC7706 in auth-zone, something like?:
>
>> auth-zone:
>> name: .
>> master: path/to/root-hints
not all root servers allow zone transfers so you don't
want to list them all as masters.
I did send an example unbound config for review to the DNSOP mailing list:
https://mailarchive.ietf.org/arch/msg/dnsop/KLJFVjgALzvjZY0F0aZjFhE60LQ
--
https://twitter.com/nusenu_
https://mastodon.social/@nusenu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20181130/5433fb80/attachment.bin>
More information about the Unbound-users
mailing list