Recursion no
Nick Allum
Nick.Allum at rci.rogers.com
Thu Nov 16 15:23:51 UTC 2006
Do you know how you would go about locking down your advertisitng DNS
Servers by turning recursion off but still allowing some CNAME's to
resolve to other external non authorative.
For example you are advertising the domain
hello.com
In the zone file it contains
Test IN A 142.142.14.2
More IN A 142.142.14.3
Again IN A 142.142.14.4
Out IN CNAME somexternal.domain.com.
Nice IN A 142.146.144.5
Outside IN CNAME yahooos.yahoo.com.
The hostname outside.hello.com. Will not resolve as my servers is non
recursive, also out.hello.com. Will also not resolve. How would I be
able to work around this situation in order to protect my dns server
from performing recursive lookups to the rest of the world.
Thanks
Nick
More information about the bind-users
mailing list