enable-root-server as config option #275
Comments
|
Hi @jschlyter! You're right in that the compile-time option is there to prevent people from unknowingly serving some version of the root zone. I asked around internally and people are fine with turning this into a runtime option (it was added before NSD supported configuration files). I'll have a look to determine the amount of work involved. |
k0ekk0ek
added a commit
to k0ekk0ek/nsd
that referenced
this issue
Apr 3, 2023
|
I would go further and say that this option should be dropped altogether. Other name servers, such as BIND, Knot DNS and PowerDNS, do not require enabling anything special to run as a root name server, and I haven't heard of any cases of folk misconfiguring things. This whole |
k0ekk0ek
added a commit
to k0ekk0ek/nsd
that referenced
this issue
May 30, 2023
k0ekk0ek
added a commit
that referenced
this issue
May 30, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Has there been any discussion on moving the compile time option
--enable-root-serverto a runtime configuration option? Where I understand why measures should be taken to protect users from using NSD as a root server, requiring a custom build seems a bit to complicated. Having this as a runtime configuration option would help a lot running of the shelf binary packages.The text was updated successfully, but these errors were encountered: