
fix(nslord): improve SOA record settings

This commit changes the SOA MNAME field from ns1.desec.io to a value
that does not refer to a specific nameserver. The field value is
irrelevant to the public, and this way the overspecific name is
removed.

(RFC1996 says that a master server "is named in the zone's SOA MNAME
field and optionally by an NS RR," that is, the MNAME hostname does
not really need to be an NS. RFC7719 confirms this for more modern
times.)

It also increases the default TTL for SOA records to 3600: There's
no need for external resolvers to forget our SOA records every minute.
Peter Thomassen 6 years ago
parent
commit
9effcbb143
1 changed files with 3 additions and 3 deletions

+ 3 - 3
nslord/conf/pdns.conf.var

@@ -2,9 +2,9 @@ allow-axfr-ips=${DESECSTACK_IPV4_REAR_PREFIX16}.1.0/24
 api=yes
 api=yes
 api-key=${DESECSTACK_NSLORD_APIKEY}
 api-key=${DESECSTACK_NSLORD_APIKEY}
 default-soa-edit=INCREMENT-WEEKS
 default-soa-edit=INCREMENT-WEEKS
-default-soa-mail=hostmaster.desec.io
-default-soa-name=ns1.desec.io
-default-ttl=60
+default-soa-mail=get.desec.io
+default-soa-name=set.an.example
+default-ttl=3600
 master=yes
 master=yes
 only-notify=
 only-notify=
 setgid=pdns
 setgid=pdns
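
Review bot: `default-ttl=3600` is not SOA-specific. In PowerDNS it is the TTL used for any record that is stored without one, so this line raises the fallback TTL for every such record, while the commit message only talks about SOA records. Please confirm that all other records are always written with an explicit TTL, or describe the wider effect in the message. Separately, the `default-soa-mail` change from `hostmaster.desec.io` to `get.desec.io` alters the published RNAME contact (it now reads as the mailbox get@desec.io) but is not mentioned in the commit message; a sentence on the reason, and a check that this mailbox is actually read, would be useful. For `default-soa-name=set.an.example`, a short comment in the config noting that the name is intentionally non-resolving would keep a later reader from "fixing" it back to a real nameserver.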