allow query / allow recursion confusion
Clenna Lumina
savagebeaste at yahoo.com
Fri Jun 22 00:09:16 UTC 2007
Kal Feher wrote:
> On 21/6/07 1:14 PM, "Clenna Lumina" <savagebeaste at yahoo.com> wrote:
>
>>
>> Doesn't setting
>>
>> recursion no;
>>
>> do that too?
> No, I'll elaborate below from the 9.4 ARM:
>
> "allow-recursion
>
> Note that disallowing recursive queries for a host does not prevent
> the host from retrieving data that is already in the server's cache."
>
> and
>
> "recursion
>
> Note that setting recursion no does not prevent clients from
> getting data from the server's cache; it only prevents new data from
> being cached as an effect of client queries. Caching may still occur
> as an effect the server's internal operation, such as NOTIFY address
> lookups."
>
> So we now use:
>
> "allow-query-cache
>
> Specifies which hosts are allowed to get answers from the cache.
> The default is the builtin acls localnets and localhost. "
>
Sorry, I should been more clear. Using "recursion no;" in the scope of a
"view" seems to prevent _any_ resursive queries.
* * *
I even did a test using my bind 9.3.4 server that masters some zones.
More information about the bind-users
mailing list