Preventing recursion ... (preventing confusion?)

[Jeff Lightner]

I'm using 9.3.4-P1 (backported for the exploit) on RHEL5 so had to do it
this way.   For later BIND versions you're correct based on the reading
I did at the time.

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Barry Margolin
Sent: Wednesday, July 30, 2008 10:55 PM
To: comp-protocols-dns-bind at isc.org
Subject: Re: Preventing recursion ... (preventing confusion?)

In article <g6q7bj$1tu0$1 at sf1.isc.org>,
 "Jeff Lightner" <jlightner at water.com> wrote:

> On my RHEL5 box the way I insured neither cache lookups nor recursive
> lookups would work for outsiders was modify named conf to have:
> 
> 1)  options section:
>         allow-query { internaldns; externaldns; };
>         allow-recursion { internaldns; externaldns; };

Of course, if you're restricting allow-query, you don't need to specify 
allow-recursion.  Allow-recursion is only needed when it's more 
restrictive than allow-query.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------