Everybody Resolves this Domain but Us.
Simon Waters
Simon at wretched.demon.co.uk
Mon Jul 22 14:31:01 UTC 2002
Chris Davis wrote:
>
> And if the TLDs are completely wacked and telling you your correct TLDs
> don't exist when you're loading your zone?
>
> Yes, in that case, some poor dns operator(s) would get confused as to what's
> going on, along with everyone else operating DNS at that time.
There is currently no requirement to have recursive DNS service
available when setting up an authoritative name server.
Indeed last time I set up a set of authoritative DNS servers it
was in a secured computer room, on it's own test LAN, which I
would suggest is best practice.
The servers in question never did acquire recursive DNS service
from any other name servers, there was never any need, they
would probably only ever be directly "administered" when the DNS
was broken in some way.
The test proposed only eliminates records like
"badns.example.com. NS 1.2.3.4.", as Mark pointed out the more
common "badns2.example.com. NS 1.2.3.4" would pass the proposed
test.
More information about the bind-users
mailing list