New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
enable-root-server as config option #275
Comments
Hi @jschlyter! You're right in that the compile-time option is there to prevent people from unknowingly serving some version of the root zone. I asked around internally and people are fine with turning this into a runtime option (it was added before NSD supported configuration files). I'll have a look to determine the amount of work involved. |
I would go further and say that this option should be dropped altogether. Other name servers, such as BIND, Knot DNS and PowerDNS, do not require enabling anything special to run as a root name server, and I haven't heard of any cases of folk misconfiguring things. This whole |
Has there been any discussion on moving the compile time option
--enable-root-server
to a runtime configuration option? Where I understand why measures should be taken to protect users from using NSD as a root server, requiring a custom build seems a bit to complicated. Having this as a runtime configuration option would help a lot running of the shelf binary packages.The text was updated successfully, but these errors were encountered: