DNS Recursion
Benjamin Scott
dragonhawk at iname.com
Sun Sep 18 21:39:00 EDT 2005
On Sep 15 at 8:25am, Kenneth E. Lussier wrote:
>> "allow-recursion" is not the best choice for this. In the above, BIND will
>> still attempt to answer queries, it just won't perform recursion to do so.
>> In particular, the cache is still available. See problem statement, above.
>
> Interesting.. I have apparently mis-understood the allow-recursion
> option for many years.
Well, allow-recursion will make your nameserver pretty useless for most
people, so it does get the job done. But BIND will still respond to such
queries, even if only to complain that it lacks data. The "allow-query"
option is just "the right way" to do what you want.
--
Ben <dragonhawk at iname.com>
More information about the gnhlug-discuss
mailing list