turning on recursion in bind 9.2.2 makes ssh login prompt slow
Stephane Bortzmeyer
bortzmeyer at nic.fr
Wed Jan 16 14:41:41 UTC 2008
On Wed, Jan 16, 2008 at 09:30:00AM -0500,
r37ribution at gmail.com <r37ribution at gmail.com> wrote
a message of 120 lines which said:
> I remembered reading that BIND has its own default root servers
Right, see Chris Thompson's message.
> Here is dig with +trace:
It shows that you cannot reach the root name servers.
> FYI, this DNS server is on an isolated network so it doesn't need to
> get out to the world.
In that case, the best solution, IMHO, is to set up a dummy root, with
only your domains inside. That way, the name server will reply
immediately with a NXDOMAIN (or an IP address if you put in-addr.arpa
domains in your dummy root) to the sshd queries.
More information about the bind-users
mailing list