root-servers hitting my firewall
Mark Damrose
mdamrose at elgin.cc.il.us
Thu Jan 9 22:36:58 UTC 2003
"John" <me at there.com> wrote in message news:avkbmj$cbpr$1 at isrv4.isc.org...
> Hi all,
>
> I'm stil not sure ..
>
> i would like to understanfd the entire process, not just ignoring my
> firewall ..
>
> I feel like there is no clear definition of what is good and wrong when
> setting up a
> 'mixed' forwarding / internal bind dns server behind a firewall ..
>
[snip]
forward first;
will try the forwarder, and if it fails will try to resolve normally. You
should have a stateful firewall - like iptables - if you want to do this.
forward only;
will try the forwarder, and if it fails will stop.
More information about the bind-users
mailing list