rbldnsd and DNSSEC compatibility issues - any suggestions?
Fred Morris
m3047 at m3047.net
Mon Sep 14 16:17:46 UTC 2020
On Mon, 14 Sep 2020, Mark Andrews wrote:
> [...] All
> the queries to the recursive server with this configuration not answered by
> the server will leak. The configuration needs “forward only;” to be added
> to prevent the leak. We see this all the time.
>
> zone “non-existant-tld” {
> type forward;
> forwarders { <address>; };
> forward only;
> };
Worth making note of! :-)
> Remember forwarding started off as a performance measure. Falling back to
> talking to the root servers is desired in that scenario.
--
Fred Morris
More information about the bind-users
mailing list