Blocking reverse lookup queries for private ips
Reindl Harald
h.reindl at thelounge.net
Thu Nov 24 11:48:04 UTC 2016
Am 24.11.2016 um 12:40 schrieb Sachin Patil:
> I need to forward requests to google as I am using this as forwarding
> server.
the question is *why* because there is no benefit but only problems and
beware if you run a mailserver with RBL/URIBL which won't work with such
a setup as you think
that would make sense if your forwarding target would be a own server
which has non-public zones but forwarding to a ISP/Google caching sevrer
is pointless
> On Thu, Nov 24, 2016 at 3:06 PM, Matus UHLAR - fantomas
> <uhlar at fantomas.sk <mailto:uhlar at fantomas.sk>> wrote:
>
> On 24.11.16 13:57, Sachin Patil wrote:
>
> I have changed option - "forward only;" to "forward first;" and
> it has
> enabled empty zones.
> I can see request for private ips not going over internet using
> tcpdump.
>
> This configurations works, but is this good configuration for
> forward only
> dns server or will there be any problems related caching etc
> with this conf.
>
>
> no, the good configuration is if you do the recursion yourself, without
> forwarding to google
More information about the bind-users
mailing list