Public DNS - recursion no - Access to the Internet

Jarek Buczyński jaro80 at gmail.com
Mon Feb 19 17:12:50 UTC 2007


Threat's growing :) 
Below is the next quote:

"If you use multiple nameserver directives, don't use the loopback address!
There's a bug in some Berkeley-derived TCP/IP implementations that can cause
problems with BIND if the local nameserver is down. The resolver's connected
datagram socket won't rebind to a new local address if the local nameserver
isn't running, and consequently the resolver sends query packets to the
fallback remote nameservers with a source address of 127.0.0.1. When the
remote nameservers try to reply, they end up sending the reply packets to
themselves."

--
Best regards
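
As an added example (not part of the original message and not BIND code): a small Python check for the configuration the quote warns about, a loopback address listed among several `nameserver` directives in resolv.conf. The function name and the sample files are constructed for illustration; treating `::1` and all of 127.0.0.0/8 as loopback goes beyond the 127.0.0.1 case named in the quote.

```python
import ipaddress

# Constructed sample resolv.conf contents (not taken from any real host).
SAMPLE_RISKY = """\
# local caching server first, then remote fallbacks
search example.com
nameserver 127.0.0.1
nameserver 192.0.2.53
nameserver 198.51.100.53
"""
SAMPLE_LOOPBACK_ONLY = "nameserver 127.0.0.1\n"


def audit_resolv_conf(text):
    """Return (nameservers, findings) for the given resolv.conf text.

    A finding is raised only when more than one nameserver directive is
    present and one of them is a loopback address, which is the combination
    described in the quote.
    """
    servers = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        # Lines with '#' or ';' in the first column are comments.
        if raw.startswith(("#", ";")):
            continue
        fields = raw.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append((lineno, fields[1]))

    findings = []
    if len(servers) > 1:
        for lineno, addr in servers:
            try:
                # Drop an IPv6 zone id such as "%eth0" before parsing.
                ip = ipaddress.ip_address(addr.split("%", 1)[0])
            except ValueError:
                findings.append(f"line {lineno}: cannot parse address {addr!r}")
                continue
            if ip.is_loopback:
                findings.append(
                    f"line {lineno}: loopback nameserver {addr} listed with "
                    f"{len(servers) - 1} other nameserver(s)"
                )
    return [addr for _, addr in servers], findings


if __name__ == "__main__":
    for finding in audit_resolv_conf(SAMPLE_RISKY)[1]:
        print(finding)
```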



