allow-recursion problems
peace bwitchu
peacebwitchu at yahoo.com
Mon Feb 14 17:09:07 UTC 2005
--- Barry Margolin <barmar at alum.mit.edu> wrote:
> In article <cuh885$5ti$1 at sf1.isc.org>,
> peace bwitchu <peacebwitchu at yahoo.com> wrote:
>
> > I have recently implemented a acl using
> > allow-recursion and all seems to have went well
> until
> > this week. First we could not resolve one of our
> > names from ip's within our allow-recusrion acl but
> > could from ip's that weren't in our acl a reload
> of
> > bind resolved that issue. Later in the week we
> have
> > had some intermitent problems resolving local
> domains
> > as well. We are currently running bind 9.2.3 on
> linux
> > with around 300 zones and 400 queries per second.
> Has
> > anyone seen this type of behavior after
> implementing
> > allow-recursion?
>
> Are you saying that you're having trouble resolving
> names that *don't*
> require recursion? The allow-recursion ACL should
> not have any effect
> on lookups in authoritative zones.
Yes, I know this. I didn't know if there was a bug or
some other explanation for this. I was off sight when
this happened but when they reloaded named they could
query again. This has happened twice since I put the
acl in place.
>
> Are there any log messages when these queries fail?
> Have you tried
> turning on query logging or raising the debug level?
The next time this happens I won't have them reload
server until I can get there.
>
> --
> Barry Margolin, barmar at alum.mit.edu
> Arlington, MA
> *** PLEASE post questions in newsgroups, not
> directly to me ***
>
>
>
Thanks
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the bind-users
mailing list