5f33f4aeb8
Automatic maintained root zone is great for network resolvers, which are used by multiple machines. Its usage on every common device is not desired however, especially when used as localhost only cache daemon. Unfortunately it is too late to change this behavior so move it to drop-in to make process of disabling it easier. Resolves: RHEL-77788
31 lines
1.4 KiB
Plaintext
31 lines
1.4 KiB
Plaintext
# Authority zones
|
|
# The data for these zones is kept locally, from a file or downloaded.
|
|
# The data can be served to downstream clients, or used instead of the
|
|
# upstream (which saves a lookup to the upstream).
|
|
#
|
|
# Download local root copy and answer TLD queries from it. Because
|
|
# auth-zone has higher precedence, defined forward-zones to internal
|
|
# only TLD will not work. Use stub-zone or disable this zone.
|
|
# Good for a network-wide resolvers, worse for a localhost caching forwarder.
|
|
auth-zone:
|
|
name: "."
|
|
primary: 170.247.170.2 # b.root-servers.net
|
|
primary: 192.33.4.12 # c.root-servers.net
|
|
primary: 199.7.91.13 # d.root-servers.net
|
|
primary: 192.5.5.241 # f.root-servers.net
|
|
primary: 192.112.36.4 # g.root-servers.net
|
|
primary: 193.0.14.129 # k.root-servers.net
|
|
primary: 192.0.47.132 # xfr.cjr.dns.icann.org
|
|
primary: 192.0.32.132 # xfr.lax.dns.icann.org
|
|
primary: 2801:1b8:10::b # b.root-servers.net
|
|
primary: 2001:500:2::c # c.root-servers.net
|
|
primary: 2001:500:2d::d # d.root-servers.net
|
|
primary: 2001:500:2f::f # f.root-servers.net
|
|
primary: 2001:500:12::d0d # g.root-servers.net
|
|
primary: 2001:7fd::1 # k.root-servers.net
|
|
primary: 2620:0:2830:202::132 # xfr.cjr.dns.icann.org
|
|
primary: 2620:0:2d0:202::132 # xfr.lax.dns.icann.org
|
|
fallback-enabled: yes
|
|
for-downstream: no
|
|
for-upstream: yes
|