DNS Server busy

Hal Dell hdell at epodworks.net
Mon Jul 30 01:39:19 UTC 2007


Hello... I have some questions about DNS Security. I've been noticing my DNS
is more busy than usual. We are running 9.4.1 and have split DNS access into
two views for internal and external users. In the case of external users
recursion is off.
Although this split does work and I've tested it and get "REFUSED" query
returned, it appears that few log entries are being generated with the text
"REFUSED" in the log entry given the volume. In fact, when I look at a packet
trace I see queries for domains that are NOT authoritative being resolved by
my DNS.

In the options section I have "recursion no;" and "allow-query {
my-internal-network; };". I don't get any errors from DNS during parsing of
the conf and zone files.

The internal view starts like this:

view "internal" in {
        match-clients { my-internal-network; };
        recursion yes;
        additional-from-auth yes;
        additional-from-cache yes;

And the external view starts like:

view "external" in {
        match-clients { any; };
        recursion no;
        additional-from-auth no;
        additional-from-cache no;

Anyone have thoughts about why this is happening? I also see some confusion
with some of these parameters. What do I need to fully shut down
non-authoritative queries to the external view? Also, what is the effect of using
both or one of "allow-recursion { my-internal-network; };" and "recursion
no;"?

Thanks,

Hal Dell
Network Operations
ePodWorks.net
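As an added illustration (not from Hal's post or from the BIND project), here is how the two views from the post look with the external view locked down so it answers only from its own authoritative zones; the ACL name my-internal-network is taken from the post, while the address ranges, the zone example.net and the file names are assumed.

```conf
// Added example for BIND 9.4: the external view serves authoritative data
// only. Address ranges, zone and file names below are constructed.
acl "my-internal-network" { 10.0.0.0/8; 192.168.0.0/16; };

// Views are matched in order, so the internal view must come first;
// otherwise "match-clients { any; }" would catch internal clients too.
view "internal" in {
        match-clients { my-internal-network; };
        recursion yes;
        allow-recursion { my-internal-network; };
        allow-query-cache { my-internal-network; };  // cached data stays internal
        additional-from-auth yes;
        additional-from-cache yes;
        zone "example.net" { type master; file "db.example.net.internal"; };
};

view "external" in {
        match-clients { any; };
        // "recursion no;" only stops named from resolving on the client's
        // behalf; the two "none" lines also refuse answers from this view's
        // cache, which is what turns a non-authoritative query into REFUSED.
        recursion no;
        allow-recursion { none; };
        allow-query-cache { none; };
        allow-query { any; };       // authoritative zones are public
        additional-from-auth no;
        additional-from-cache no;
        minimal-responses yes;      // no extra records in the additional section
        zone "example.net" { type master; file "db.example.net.external"; };
};

// Check from an outside address (assumed server name):
//   dig @ns.example.net www.example.org A      -> status: REFUSED
//   dig @ns.example.net example.net SOA        -> answer with the aa flag set
```

Keep the global "allow-query { my-internal-network; }" from the post in mind when testing: a view that does not override it inherits it, so external clients would be refused even for the authoritative zones.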
