At 4:58 PM +0100 2003/02/07, Jakob Schlyter wrote:
nsd could be configured to either hand out a referral or send SERVFAIL.
It should be configured to hand out a referral.
bind9 will reply with REFUSED if the hints file is missing and it is configured to be authoritative only.
Are you sure? For which version of BIND 9? My understanding is that they had a pre-compiled list of the root servers built into the source code, and that this would be used to generate the initial "hints" zone, thus allowing you to avoid having this file. Indeed, I wouldn't be surprised at all if the built-in data over-rode the file, but maybe that's going too far. -- Brad Knowles, <brad.knowles@skynet.be> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)