#HintfileAutoUpdate
With the nearest renumbering plan of H root Server's IP address, there is a discussion of ways resolversupdating their hintfile. Traditional ways includes using ftp protocol by doing a wget and dig servers' address manually.Each way would depend on operators manual operation. As a result, there is many old machines could not update its hint-filerightly. As a proof, after done renumbering for thirteen years, there is an observation that the "Old J-Root" can stillreceives DNS query traffic.
This project aims to find a automatic way for hint-file updating. The already-done works is a shell script which providesthe function that update a hint-file in file system automatically with DNSSEC and trust anchor validation
It is a shell script so it does not require any compile or installation. Just put script into the operation system and giantit excute accession. Until now, the script depends on dig command. The future would make the script compatible with PowerDNSuser and drill command.
The script will query the NS list for "." domain and query A and AAAA record for every domain on the NS list. it will alsovalidation DNSSEC and trust anchor for all the answer. You can specify the path for root key by the option --fetchkeys orthe script will query the root key itself and delete it after runnling. After getting all the answers, the script willcompare the new hintfile to the old one. If there is a difference, it will rename the old one with a timestamp and replacethe old one with the new one. Otherwise the script will delete the new hintfile and nothing will be changed.
Start the script like:./hintUpdateScript $hint-file-path (--fetchkeys rootkey path)the parameters in parentheses are optional.