allow-resursion stuff

Mipam mipam at ibb.net
Wed Jun 7 12:53:17 UTC 2006


Hi All,

The allow-recursion { trusted; }; is very nice.
However, isn't it true to when you haven't also got
allow-query { trusted; }; there is still an issue with just
allow-recursion? For example, suppose that somebody within the trusted range
did a query on yahoo.com, it'll be cached. Suppose that allow-query isn't set
and an external client does a query on yahoo.com he'll get a response because
the answer is still in the cache? Meaning that external clients can query
the specified domains which are defined in named.conf but also what is in
cache? I guess this issue will be addressed in bind 9.4.0 with
"allow-query-cache" ?
Bye,

Mipam.



More information about the bind-users mailing list