(lack of) DNS root hints

2015-09-28 - News - Tony Finch

Another change I made to sample.named.conf on Friday was to remove the explicit configuration of the root name server hints. I was asked why, so I thought I should explain to everyone.

BIND comes with a built-in copy of the hints, so there is no need to explicitly configure them. It is important to keep BIND up-to-date for security reasons, so the root hints should not be stale. And even if they are stale, the only negative effect is a warning in the logs.

So I regard explicitly configuring root hints as needless extra work.

It is worth noting that the H-root name server IP addresses are going to change on the 1st December 2015. We will not be making any special effort in response since normal BIND updates will include this change in due course.

There is a history of root name server IP address changes at http://root-servers.org/news.html