suggestion for feature
Joe Pruett
joey at q7.com
Wed Jun 9 16:33:39 UTC 1999
i was poking around the source the other day to try and see how hard it
might be to allow a nameserver to be setup so that recursive queries are
allowed from certain ips (internal users) and not allowed from the rest of
the net. i was thinking that a simple acl with a fixed name
(allow_recursion or the like) could be used and just check for that as
well as looking at the global recursion flag (which would be off in this
scenario).
but, i couldn't tell if that would really work since the nameserver will
be building a cache and i'm not sure if a non-recursive question could get
answered from the cache.
i know i can accomplish a similar feat by running two instances on
different ips, but this seemed like a nicer solution.
More information about the bind-users
mailing list