Blocking corrupt nameservers.
Michael Bryan
bind at ursine.com
Wed Jun 14 16:29:49 UTC 2000
André Paulsberg wrote:
>
> Is there a *good* way in the bind configuration to block it from using
> certain nameservers, that are either corrupt or is compromised in other
> ways.
http://www.isc.org/products/BIND/docs/config/server.html
The "bogus" keyword is what you want.
I'd strongly recommend reading through the entire configuration file
documentation, to get a feel for what options are available. Next time
you have a question, check the documentation first, it's always better
when you can find the answer online without having to wait for somebody
to give you an answer.
> Lets say foobar.com had 5 nameservers and one of them (ns2.foobar.com)
> always caused some error to occur or bad data to be sent to us,
> or just was never update with correct information.
>
> Blocking the DNS traffic on our routers seems a bad choice,
> since this will delay the lockups and risk other traffic to be lost.
>
> Regards André Paulsberg
More information about the bind-users
mailing list