Force Clients to *always* use authoritative
Karl R. Balsmeier
karl at klxsystems.net
Mon Dec 18 23:12:54 UTC 2006
Peter Dambier wrote:
>Karl R. Balsmeier wrote:
>
>
>>Is there a specific way to set a name server so that clients are always
>>*forced* to use an autoritative name server?
>>
>>UltraDNS and some others have mentioned little features they have, but
>>it only hints at the possibility that somewhere in the DNS spec.
>>
>>-karlski
>>
>>
>>
>
>Just switch off recursion on your server then they are forced to either
>choose an open resolver or run their own namserver as resolver.
>
>If they delete any forwarders from their /etc/named.conf then they do
>query only authoritative nameservers starting with the rootservers and
>rarely ever touch your nameserver most of the time.
>
>kind regards
>Peter and Karin
>
>
>
well, basically we are trying to make sure that the clients do not use
cached lookups...
We were just advised:
If so you could use max-cache-ttl and max-ncache-ttl with a very low ttl like 1 second. Although then you still have a problem with the client itself caching the lookup.
-karlski
More information about the bind-users
mailing list