Forwarding pre-empts subdomains?
Brad Knowles
brad.knowles at skynet.be
Fri Jun 22 06:31:29 UTC 2001
At 11:12 PM +0000 6/21/01, Jack Aubert wrote:
> I think this will let me retain my top level and subdomain
> structure but have the local subdomain servers forward to the recursing
> server. I could put in a couple of these as primary and alternate and this
> would also relieve the burden on the state.gov authoritative server, which I
> could then tell not to do recursion. Does this make sense?
Yup, this should work fine. And by turning off recursion on your
externally visible nameservers, you will help increase the security
at your site, and reduce the probability that someone could use
attacks on your DNS to help them break into it.
--
Brad Knowles, <brad.knowles at skynet.be>
/* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
/* Represented as 1045 digit prime number by Phil Carmody */
/* Prime as DNS cname chain by Roy Arends and Walter Belgers */
/* */
/* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
/* where title-key = "153 2 8 105 225" or other similar 5-byte key */
dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
More information about the bind-users
mailing list