Disable Refused answer
Tony Finch
dot at dotat.at
Tue Dec 8 14:34:01 UTC 2009
On Fri, 4 Dec 2009, Chris Thompson wrote:
>
> [It's never been entirely clear to me why these functions have to be
> combined, especially given that "server [ipaddr/len] {bogus yes;};"
> can be used to block outgoing queries.]
The CIDR syntax for server clauses is relatively new. Before it was added
the only option for blocking large chunks of address space was to use the
blackhole feature.
(We used it on our MX's name servers to stop DNS queries triggered by
incoming email from probing our internal private address space.)
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS.
MODERATE OR GOOD.
More information about the bind-users
mailing list