On Thu, Sep 27, 2001 at 07:45:58PM +0200, Brad Knowles wrote:
> 
> At 3:21 PM +0000 9/27/01, slidge@slidge.com wrote:
> 
> >   My question is, is there anyway to force a resolver to accept that you
> >   don't know any information and make them stop querying you?
> 
> 	Not really.  When you see something like this happen, I'd suggest 
> that you set yourself up as primary for the zone, point various 
> records within the zone to your own servers, including setting up a 
> web server on which you record on the home page what it is that 
> you've done and why.  You can then put as long a TTL on these records 
> as you want -- multiple years even.

An alternative would be to restrict queries with 'allow-query'
directives in your named.conf to only allow queries for zones for which
you are authoritative. More work, but you can still allow queries from
any internal resolvers that need to use your nameserver, so no loss in
functionality.

> 	People who register a nameserver as being authoritative without 
> contacting the owner of that nameserver will then get what they 
> deserve.

No doubt.
-- 
Nate Campi, UNIX Ops WiReD SF, Terra Lycos DNS, (415) 276-8678  
[root@usa]# rm -rf /bin/laden

-- Attached file included as plaintext by Listar --

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7s2poZzHMkFd7e84RAs3CAKCmNPIazBQn1ftBZTZc1pjNBbU7yACfYeNb
h7NAiCLyo4oMBvGXDMnu7O4=
=Lfun
-----END PGP SIGNATURE-----