Aller au contenu Aller au menu principal Aller au menu secondaire Aller au pied de page

Warning for BIND and delegation-only users

Home > Observatory and resources > News > Warning for BIND and delegation-only users

The AFNIC has recently slightly changed the .fr and .re DNS zones and would like to draw the server adminstrators’ attention on some configurations that might need adjustments.

Since May 23rd 2007, the AFNIC has transformed the .fr sub-domains that it handles directly (like or These sub-domains are now directly into the .fr zone and not in a separate zone anymore (.re was already changed earlier).

This does not change the ordinary use of these domain names. Only experts will notice some details like missing SOA or NS for these domain names or missing name servers in the Whois output.

But a problem can happen if a website uses BIND (given by the ISC) for its recursive name servers and if this BIND was configured with the delegation-only or root-delegation-only options (options not activated by default).
The options are documented at the following address:

If the configuration includes a delegation-only for .fr and .re or if it includes a root-delegation-only and that .fr and .re are not in the list of exceptions, then, the names in the subdomains, until the next zone cut, will not resolve.
In that case BIND sends a “NXDOMAIN” without an AUTHORITY section and saves it in its log (the recommended tool for debug). So will work but not (this name is recommended for testing: you should be able to resolve it into an IPv4 address).

This is the reason why the AFNIC asks that you add .fr and .re in the list of exclusions if your are using BIND as a resolver and have configured the root-delegation-only option. If are using delegation-only, do not add .fr or .re in the list.

We would like to inform you that the AFNIC is commited not to insert wildcards in the .fr and .re (see
L’AFNIC et les wildcards: and that this request should not have any negative consequences.

About the AFNIC

(Association Française pour le Nommage Internet en Coopération)

Non-profit organization, the AFNIC is in charge of the administrative and technical management of the .fr (France) and .re (Reunion Island) Internet domain names.
The AFNIC brings together public and private members: representatives from the French government, Internet users and Internet Service Providers.
Further information.

About Afnic

Afnic is the acronym for Association Française pour le Nommage Internet en Coopération, the French Network Information Centre. The registry has been appointed by the French government to manage domain names under the .fr Top Level Domain. Afnic also manages the .re (Reunion Island), .pm (Saint-Pierre and Miquelon), .tf (French Southern and Antarctic Territories), .wf (Wallis and Futuna) and .yt (Mayotte) French Overseas TLDs.

In addition to managing French TLDs, Afnic’s role is part of a wider public interest mission, which is to contribute on a daily basis, thanks to the efforts of its teams and its members, to a secure and stable internet, open to innovation and in which the French internet community plays a leading role. As part of that mission, Afnic, a non-profit organization, has committed to devoting 11% of its Revenues from managing .fr Top Level Domain to actions of general interest, in particular by transferring €1.3 million each year to the Afnic Foundation for Digital Solidarity.
Afnic is also the back-end registry for the companies as well as local and regional authorities that have chosen to have their own TLD, such as .paris, .bzh, .alsace, .corsica, .mma, .ovh, .leclerc and .sncf.

Established in 1997 and based in Saint-Quentin-en-Yvelines, Afnic currently has nearly 90 employees.