Security Question
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Thu Jul 22 08:42:53 UTC 2004
tnaves at linkwest.net wrote:
> I was reading some stuff by Microsoft on split dns. They insist that a
> dns server on a private network should never use a root hints file but
> should always forward to the dns server at you ISP.
I wouldn't consider MS authorative regarding dns. What they call "best practice"
might be unscalable, slow and buggy.
> What do you all think about this? Is it safe to use root hints from a
> private network behind a firewall or should you always forward?
Forwarding is seldom a good way, however learning more is better then
taking (ill-informed advices) from strangers. Go and get the "reference book"
"managing dns and bind", 4.ed from o'reilly. isbn 0-596-00158-4
> Thanks,
> Tom Naves
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list