recursion and forward zones
Barry Margolin
barmar at alum.mit.edu
Fri Mar 31 02:13:03 UTC 2006
In article <e0i167$cu3$1 at sf1.isc.org>,
Kevin Darcy <kcd at daimlerchrysler.com> wrote:
> Jack Tavares wrote:
>
> >Hi
> >
> >I am trying to setup a forwarding zone. (bind9.2.3, linux)
> >By default I have "recursion no;" set in the global
> >options.
> >
> >i set up the forwarding zone, but the only
> >way I can get it to work is to turn recursion on.
> >Or more accurately, comment out the
> >recursion no;
> >
> >statement, which runs the default behaviour of allowing
> >recursion.
> >
> >It would seem to me that recursion and forwarding are
> >different features and that disabling one should
> >not disable the other.
> >
> What do you think "recursion" means, in that context? It means your BIND
> instance is able and willing to go out and fetch DNS information from
> other nameservers, in order to satisfy client requests. The fact that
> you're trying to set up a forwarding zone, implies that you want to
> enable resolution of names in that part of the namespace hierarchy, at
> least for some select group of clients that ask for it. This is directly
> contradictory to "recursion no", which basically means "I'm only going
> to answer from my own authoritative data and not ask anyone else for the
> answers to your questions".
>
> You should probably set up that forwarding zone under a separate view,
> one which has recursive service enabled.
Can the allow-query option be used in a forwarding zone? That would be
a simpler solution than views if this is the only zone that it's needed
for.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list