Bind 9.8 DNS recursion dont work from the client side - Bug?
Juergen Dietl
isclists01 at googlemail.com
Mon May 16 11:44:04 UTC 2011
Hello Phil,
thanx a lot for your help.
allow-recursion {any;}; .........Works now.
allow-query {any;};
did also work.
Is this a new behavior? Because in 9.7.3 I dont have to allow querys.
thanx a lot,
cheers,
Juergen
2011/5/16 Phil Mayers <p.mayers at imperial.ac.uk>
> On 16/05/11 11:00, Juergen Dietl wrote:
>
>> Hello,
>>
>> I try to make an nslookup from the client. The server dont know the zone
>> and for this it should do recursion to another DNS-Server
>>
>> options {
>> dump-file "/var/log/named_dump.db";
>> notify-source xx.x.xxx.xxx port 53;
>> notify yes;
>> listen-on port 53 { xx.x.xxx.xxx; };
>> check-names slave ignore;
>> directory "/xxxxxxxxxxxx";
>> statistics-file "/var/log/named.stats";
>> listen-on-v6 { none; };
>> forwarders { xx.xxx.x.xxx; xx.xxx.x.xxx; };
>> forward first;
>> recursion yes;
>> };
>>
>>
>> I get back a refused from the server.
>>
>
> You need an allow-recursion ACL. See the ARM for the way that
> allow-recusion, allow-query and allow-query-cache interact.
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110516/9060982f/attachment.html>
More information about the bind-users
mailing list