controlling recursion
Kevin Darcy
kcd at daimlerchrysler.com
Thu Nov 17 23:39:21 UTC 2005
Are you *sure* it's allowing recursion? The RA (Recursion Available)
flag is 0 on the query I made to that server. Be aware that even with
recursion disallowed, Internet clients might still be able to fetch
answers that are in your cache, since recursion is not necessary to
resolve those (I was able to get some cached records for msn.com, for
instance). This can be prevented either via allow-query or by going to
views.
- Kevin
Jon Leeman wrote:
>I have three name severs;
>
>203.98.224.66
>BIND 9.2.1 [MASTER]
>Linux Mandrake 8.0
>
>203.98.225.9
>BIND 9.3.1 [Slave]
>NT 4.0 SP6a
>
>203.98.225.10
>BIND 9.3.0 [Slave]
>Linux Mandrake 10.0
>
>with;
>
>allow-recursion {
> 203.98.224.0/23;
> localhost;
> };
>
>inside their respective 'named.conf'. They are standard configurations
> with no views etc..
>
>My problem is the master is allowing recursion from outside our networks
>stipulated but the slaves are not.
>
>I am currently not in a position to upgrade the Master's BIND version to
>the latest.
>
>I'd appreciate any pointers as to what I am doing incorrectly - to stop
>unwanted recursion - and will supply the full details / configurations
>off list if needed.
>
>Thanks,
>
>Jon
>
>
>
>
>
>
>
>
More information about the bind-users
mailing list