1

I am setting up Bind9 on Ubuntu 18.04 and found this SF article for Ubuntu 10.04: What is the point of the zones.rfc1918 file for Bind9?, with a comment citing documentation from Penn State in 1996.

The question is still open after 8 years, has only one and popular answer: including zones.rfc1918's information is "generally considered a good practice".

There are many other search results, but not addressing "good practice" for 18.04. Being in web 2.0 and approaching the Google world of https, I think some statement on whether arpa-related stuff is affected or unchanged is important.

Should I still "include" zones.rfc1918 in my named.conf.local file for Ubuntu 18.04 (maybe other Linux contemporaries), y/n, etc? And, are there any other Bind9 settings similar to this that may have changed since that post that are recommended for me to change from the bind9 install defaults, y/n what?

Jesse יִשַׁי
  • 181
  • 2
  • 11

1 Answers1

6

To address the clearly stated question, the zones.rfc1918 file is pointless these days.

Not because the purpose (terminating queries to non-public zones locally instead of flooding the internet with useless queries if you are running a server with recursion enabled) is no longer relevant, but because BIND already has the same kind of functionality built in and enabled by default without having to add zones in the configuration file to achieve this.

Jesse יִשַׁי
  • 181
  • 2
  • 11
Håkan Lindqvist
  • 33,741
  • 5
  • 65
  • 90
  • Current best practice: [RFC 6303](https://www.rfc-editor.org/rfc/rfc6303.txt) – Colt Nov 26 '18 at 03:18
  • 1
    I'm in favor of adding the last paragraph of Håkan's answer back but I don't just want to "unedit" Jesse's edit without asking the opinion of other forum members first. – Tommiie Nov 27 '18 at 08:48