dns delegation and recursion
Mark_Andrews at isc.org
Tue Feb 28 21:24:55 UTC 2006
> On Mon, 27 Feb 2006 20:51:10 -0500
> Barry Margolin <barmar at alum.mit.edu> wrote:
> > In article <dtumto$1pup$1 at sf1.isc.org>,
> > (TM)U?II? ?OU?I?IE <skor at hellug.gr> wrote:
> > > Hi all.
> > >
> > > I have an authoritative only dns server running bind 9.
> > > Is there any way I can permit recursion for specific zones?
> > > For example I have a zone example.com which delegates some sub
> > > domains to other nameservers.
> > > sub.example.com. IN NS other.dns.server.
> > >
> > > I prefer not to enable recursion globaly.
> > Why do you think you need this? The queries that come in to your
> > server will most likely not have the Recursion Desired flag set. So
> > even if you allowed recursion, it wouldn't be requested so you
> > wouldn't do it.
> Thanx for you reply.
> Well it seems that with no recursion, this doesn't work. I was able to
> get a correct response only when I enabled recursion.
And were you asking with recursion desired set or not. Most
tools default to asking with recursion desired set and if you
are directly querying the parent server you need recursion
desired to no be set.
dig ns sub.example.com +norec @parent
This will return a referral.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users