suggestion for feature
Joe Pruett
joey at q7.com
Sun Jun 13 23:36:23 UTC 1999
> > actually, the allow-query is probably what i really want anyway. i've
> > tested that and it seems to do the right thing. the world can do queries
> > against our published zones (and it will recurse, which is good for ns/mx
> > records) and our internal net can query anything.
>
> Actually, the process by which an authoritative name server looks up the
> addresses for names returned in NS and MX records isn't recursion. For NS
> records, it's glue fetching.
>
> cricket
i was under the impression that if you disabled recursion, then you
had to put glue records into your dns by hand (like the tld servers do).
but i guess they aren't authoritative, and i am so it does change the
picture. in any case, allow-query seems to be the right answer for my
question, even if it bloats the config files a bit. they're done with
scripts for the most part anyway, so it doesn't bother me.
More information about the bind-users
mailing list