check-names vs. acl
Mark Andrews
marka at isc.org
Fri Feb 26 02:08:06 UTC 2010
In message <20100225123134.GB2028 at fantomas.sk>, Matus UHLAR - fantomas writes:
> On 25.02.10 12:01, Matus UHLAR - fantomas wrote:
> > I see that hosts that are not allowed to recurse are often generating
> > check-named errors.
>
> check-names it is.
>
> I apparently too often use "named" so I do this king of mistypes.
>
> > I wonder if it wouldn't be better to check ACL's first and check-names just
> > after it?
It really depends what's more important for you to see. Whether
you got a recursive query that didn't match a acl or a query that
failed check-names. Both get REFUSED so the client can't tell the
difference.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list