Bind 9.8 DNS recursion dont work from the client side - Bug?
Phil Mayers
p.mayers at imperial.ac.uk
Mon May 16 10:25:25 UTC 2011
On 16/05/11 11:00, Juergen Dietl wrote:
> Hello,
>
> I try to make an nslookup from the client. The server dont know the zone
> and for this it should do recursion to another DNS-Server
>
> options {
> dump-file "/var/log/named_dump.db";
> notify-source xx.x.xxx.xxx port 53;
> notify yes;
> listen-on port 53 { xx.x.xxx.xxx; };
> check-names slave ignore;
> directory "/xxxxxxxxxxxx";
> statistics-file "/var/log/named.stats";
> listen-on-v6 { none; };
> forwarders { xx.xxx.x.xxx; xx.xxx.x.xxx; };
> forward first;
> recursion yes;
> };
>
>
> I get back a refused from the server.
You need an allow-recursion ACL. See the ARM for the way that
allow-recusion, allow-query and allow-query-cache interact.
More information about the bind-users
mailing list