John.Manson at mail.house.gov
Thu Mar 28 17:09:54 UTC 2013
Maybe my understanding of how bind works is faulty.
I thought bind would do the leg work to get an IP.
Especially when it is authoritative for CNAME domain.
Even a dig on mercury gives the same 'no IP' result.
Sorry for the bother.
From: Chris Buxton [mailto:clists at buxtonfamily.us]
Sent: Thursday, March 28, 2013 12:57 PM
To: Manson, John
Cc: bind-users at lists.isc.org
Subject: Re: Recursion issue
On Mar 28, 2013, at 9:05 AM, Manson, John wrote:
> I disagree with your statement about recursion.
> What stops an authoritative server from doing recursion if you do not have the recursion statement?
> I guess the bind default is recursion yes.
OK, bad choice of words on my part. I did not mean to say that you should not set any configuration options to disable recursion, because as you said, it is on by default (but restricted, by default, to localnets and localhost). What I meant was that there is no reason to permit recursive queries to your authoritative servers. Therefore, I would recommend turning it off using 'recursion no;' in your options or view statement.
More information about the bind-users