Default Xfrout transfer_acl
Jeremy C. Reed
jreed at isc.org
Wed Feb 8 14:12:56 UTC 2012
> In conjunction with this I would like to point out that you have set
> up b10-resolver by default to accept queries only from localhost.
> Using the same reasoning as above, this is a good choice. In bind9, on
> the other hand, allow-query defaults to all hosts, so you do have a
> precedent for breaking tradition with bind9.
This default for BIND 9 was changed a few years ago. While it may allow
queries, it may not provide useful answers. See confusing configuration
for allow-query-cache and allow-recursion about how they default to the
local networks only.
More information about the bind10-users
mailing list