Public DNS - recursion no - Access to the Internet

Jarek Buczyński jaro80 at
Mon Feb 19 17:12:50 UTC 2007

Threat's growing :) 
Below is next quote:

"If you use multiple nameserver directives, don't use the loopback address!
There's a bug in some Berkeley-derived TCP/IP implementations that can cause
problems with BIND if the local nameserver is down. The resolver's connected
datagram socket won't rebind to a new local address if the local nameserver
isn't running, and consequently the resolver sends query packets to the
fallback remote nameservers with a source address of When the
remote nameservers try to reply, they end up sending the reply packets to

Best regards

More information about the bind-users mailing list