recursion

[Glenn Vidad]

is the log file the only place to look at to see if allow-recursion is
working?
i setup allow-recursion with my internal ips in them, stopped and started
bind, and i see "denied recursion" messages in my log files...
...but i thought i would've been able to run dig's against our nameservers
from a system not in the allow-recursion list and expect no results.
i ran dig @ns1.domain.com domain2.com (from an outside iop) before and after

placing the allow-recursive entry in my named.conf and the results stayed
the same.  is that right?


-----Original Message-----
From: Gerald Waugh [mailto:gwaugh at frontstreetnetworks.com]
Sent: Wednesday, November 13, 2002 5:59 AM
To: bind-users at isc.org
Subject: recursion




Since I added
allow-recursion { all; of; my; ips; };

I sure get a lot of denied recursion entries from foreign ip addresses in
the log file!
This is not a 'bad' thing is it?

Gerald