per-zone query-source on recursive resolver
Tony Finch
dot at dotat.at
Mon Oct 28 16:38:13 UTC 2019
Erich Eckner <bind at eckner.net> wrote:
>
> I'm undecided whether they're authoritative or not. On one hand, they are
> distributed via DHCP as default DNS servers, speaking for "recursive", on
> the other hand, they have matching SOA records (and I think, that means,
> they're authoritative) - maybe they're both?
If they are advertised via DHCP they have to be recursive, otherwise stub
resolvers would not work :-) The key thing to look for is the RA bit
(recursion available) in answers you get from the server. The servers can
also be authoritative with AA=1 (authoritaive answer) for some zones, but
that won't prevent you from using them as forwarders.
For choosing between the alternatives I should have been more precise and
said you have to use static-stub instead of forwarding if the target
server is "authoritative-only" (i.e. RA=0). If you use static-stub the
target server must be authoritative for the zone, regardless of whether it
offers recursion.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
a fair, free and open society
More information about the bind-users
mailing list