Inside and Outside Views
Martin McCormick
martin at dc.cis.okstate.edu
Tue May 29 20:54:04 UTC 2001
This is basically to let those who are about to
reconfigure their dns's to refuse recursion for outside domains
know what to expect.
I think this is the right thing to do and we are sticking
with it, but be prepared to see log entries that rival the
Microsoft Windows2000 ons lot.
I made the switch for us at 4:00 on Saturday May 25 and
between that time and this morning at around 08:00, we got over
200,000 refused queries from every kind of Internet site in the
world. We did get a grand total of 2 complaints so far. One is
from an employee of Oklahoma State University who has hard-coded
our domain name servers in to his software and accesses us from
another ISP and the other is from a former student who lives in
another state and simply thought that was the thing to do.
I imagine that many of the hits we are getting are from
sites like those 2. We may notify some of them about the change
and the rest of them will just have to deal with it and use the
dns they should be using. I had no idea how many people there
are out there who use our name servers incorrectly, but this
action will eventually clean things up and probably reduce the
number of transactions we process all day. We run around
150,000 lookups per hour and it is difficult to tell exactly what
percentage are off-siters looking up other off-siters.
Martin McCormick WB5AGZ Stillwater, OK
OSU Center for Computing and Information Services Data Communications Group
More information about the bind-users
mailing list