About root zones
Peter Andreev
andreev.peter at gmail.com
Wed Dec 21 09:05:24 UTC 2011
2011/12/21 Matus UHLAR - fantomas <uhlar at fantomas.sk>:
>>>> 2011/12/20 Mark Andrews <marka at isc.org>:
>>>>>
>>>>> Named has a compiled in set of root hints. It is used if
>>>>> a root zone is not defined in named.conf.
>
>
>>> On 20.12.11 17:37, Peter Andreev wrote:
>>>>
>>>> Whether it means that without hint zone named still can perform
>>>> iterative lookups for its internal purposes?
>
>
>> 2011/12/20 Matus UHLAR - fantomas <uhlar at fantomas.sk>:
>>>
>>> yes.
>
>
> On 21.12.11 12:17, Peter Andreev wrote:
>>
>> This fact is really disappointing.
>
>
> well, it's needed for proper functionality. What exactly seems to be your
> problem?
Well, we run a bunch of authoritative-only slave servers and obviously
they don't have to perform any kind of lookups.
Some time ago user complained that one of these slave servers
responses with wrong data. My colleague tried to investigate this
issue, but without any success. Just in case we disabled
"additional-from-cache".
That's why any sort of internal lookups looks very suspicious for me.
>
> Note that
> - only clients that are allowed to recurse are able to see date
> the "type hint" zone
> - only clients from local networks are allowed to recurse by default.
> You can tune this by configuring the "allow-recursion" option.
>
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Atheism is a non-prophet organization.
> _______________________________________________
>
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
--
AP
More information about the bind-users
mailing list