I get 102 zones when I do rndc status. My BIND9 server is only authoritative for 1 zone (that's the site that I host on my LAMP server). I'm aware that it could be an extra ten or so zones, due to the fact that those are in system use or something like that. But it can't be an extra 101 zones. What's going on?
Asked
Active
Viewed 354 times
1 Answers
2
BIND has a large number of built-in empty zones which are enabled by default whenever you have recursion enabled.
The purpose of these empty zones is to immediately terminate recursion requests for zones that are known not to exist on the public Internet (reverse zones for reserved networks).
A significant chunk of traffic directed at the root servers is completely pointless queries of the category above, this default behavior tries to help you avoid accidentally contributing to this problem.
See the Built-in Empty Zones section of the manual for details.
Håkan Lindqvist
- 35,011
- 5
- 69
- 94
-
So that's a normal default status? And I should just leave it alone and not to worry about it? – Gregory Jan 21 '16 at 20:57
-
@Gregory If recursion is enabled, then this is the default state (which I would consider a sane default). If you don't actually need recursion, disable that entirely. – Håkan Lindqvist Jan 21 '16 at 20:58
-
From what I understood, the purpose of those zones is to minimize the unnecessary traffic, so my server would issue a denial right away and not send the recursive query to the root servers etc. and then forward their denial to the server that originally asked. I do need recursion, but I only enabled it for my own BIND9 server. If another server asks something, my server won't serve that query. – Gregory Jan 21 '16 at 21:38