bind-users Digest, Vol 2083, Issue 1

Reindl Harald h.reindl at thelounge.net
Sun Apr 5 16:07:59 UTC 2015



Am 05.04.2015 um 17:52 schrieb STEPHEN EYRE:
> The aim is to make it authoritive as well as hosting my web sites

but a authoritive nameserver don't need nor should it do recursion for 
foreign zones, it only should respond for the zones he is authoritative 
for and so the behavior is correctly, make sure it answers for your 
zones and the point your domains to your nameservers (at least TWO) and 
you are done

> Message: 1
> Date: Sun, 05 Apr 2015 09:32:36 +0100
> From: Stephen Eyre <sceyre at btinternet.com <javascript:return>>
> To: bind-users at lists.isc.org <javascript:return>
> Subject: Dig, open servers and A records
> Message-ID: <5520F324.7050709 at btinternet.com <javascript:return>>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> Dear All
>
> The good news is that I have my server running. The not so good news is
> that there are a few problems which could be interconnected.
>
> My server is called server1.sportshost.co.uk and its ip address is
> 84.92.56.54.
>
> Going on to whatsmydns.net I find that sportshost.co.uk returns suitable
> entries under the NS and SOA section. There are nothing but red crosses
> under A records section - I was expecting my ip address.
>
> Then when I dig a domain name like google.co.uk I get suitable replies
> but when I dig an ip address like 8.8.8.8 the request gets the reply
> REFUSED.
>
> Further enquiries show that I dont have an open recursive site when the
> errors above still apply.
>
> When I change my /etc/bind/named.conf.local file from 'recursion no;' to
> 'recursion yes;' I get an inverse of the above. I get full replies from
> all my dig enquiries but I get an open recursive warning - which I
> obviously dont want.
>
> whatsmydns.net replies remain the same.
>
> So todays question is - what do I need to do to keep my server closed,
> get proper dig replies and get my A records showing up on whatsmydns.net?
>
> Or is everything working well and its not necessary to have dig
> providing proper replies?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150405/860cd24d/attachment.bin>


More information about the bind-users mailing list