check-names vs. acl

Mark Andrews marka at isc.org
Fri Feb 26 02:08:06 UTC 2010


In message <20100225123134.GB2028 at fantomas.sk>, Matus UHLAR - fantomas writes:
> On 25.02.10 12:01, Matus UHLAR - fantomas wrote:
> > I see that hosts that are not allowed to recurse are often generating
> > check-named errors.
> 
> check-names it is.
> 
> I apparently too often use "named" so I do this king of mistypes.
> 
> > I wonder if it wouldn't be better to check ACL's first and check-names just
> > after it?

It really depends what's more important for you to see.  Whether
you got a recursive query that didn't match a acl or a query that
failed check-names.  Both get REFUSED so the client can't tell the
difference.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the bind-users mailing list