recursion

[Alan Clegg]

Lightner, Jeff wrote:
> Modern being?

Actually....

In the 9.4 CHANGES file I find:

        --- 9.4.0a4 released ---
[...]
2006.   [security]    Allow-query-cache and allow-recursion now default
                      to the builtin acls "localnets" and "localhost".

                      This is being done to make caching servers less
                      attractive as reflective amplifying targets for
                      spoofed traffic.  This still leave authoritative
                      servers exposed.

                      The best fix is for full BCP 38 deployment to
                      remove spoofed traffic.

So, "modern" (in this case) is any currently supported version of BIND.

9.4, 9.5, 9.6, 9.7

AlanC

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100310/a2e88f63/attachment.bin>