Recursion issue

Manson, John John.Manson at mail.house.gov
Thu Mar 28 17:09:54 UTC 2013


Maybe my understanding of how bind works is faulty.
I thought bind would do the leg work to get an IP.
Especially when it is authoritative for CNAME domain.
Even a dig on mercury gives the same 'no IP' result.
Sorry for the bother.

-----Original Message-----
From: Chris Buxton [mailto:clists at buxtonfamily.us] 
Sent: Thursday, March 28, 2013 12:57 PM
To: Manson, John
Cc: bind-users at lists.isc.org
Subject: Re: Recursion issue

On Mar 28, 2013, at 9:05 AM, Manson, John wrote:
> I disagree with your statement about recursion.
> What stops an authoritative server from doing recursion if you do not have the recursion statement?
> I guess the bind default is recursion yes.

OK, bad choice of words on my part. I did not mean to say that you should not set any configuration options to disable recursion, because as you said, it is on by default (but restricted, by default, to localnets and localhost). What I meant was that there is no reason to permit recursive queries to your authoritative servers. Therefore, I would recommend turning it off using 'recursion no;' in your options or view statement.

Chris Buxton
BlueCat Networks



More information about the bind-users mailing list