views, recursion, and allow-recursion
R Dicaire
kritek at gmail.com
Sun Jun 22 23:37:01 UTC 2008
On Sun, Jun 22, 2008 at 6:05 PM, Alan Clegg <Alan_Clegg at isc.org> wrote:
> Since your internal ACL matches what you were using in
> "allow-recursion", just change the "allow-recursion" in global options
> to "recursion no;" and allow the view based "recursion yes;" (internal)
> and "recursion no;" (external) to override it.
>
> Note that !0.0.0.0 ("none") is added to every ACL expansion, so you
> don't need it in the example above.
>
> Just for good measure, you may want to change the external match-clients to:
>
> match-clients { !internal; any; };
Having made the above modifications, external client queries for data
my NS isn't authoritative for no longer show cache query denied in
syslog, but instead return a list of the tld root servers.
Is this the appropriate response/behaviour?
--
aRDy Music and Rick Dicaire present:
http://www.ardynet.com
http://www.ardynet.com:9000/ardymusic.ogg.m3u
More information about the bind-users
mailing list