About root zones

Matus UHLAR - fantomas uhlar at fantomas.sk
Mon Jan 2 14:03:55 UTC 2012


>>>> On 21.12.11 19:21, Peter Andreev wrote:
>>> I think that if server is authoritative - and - slave-only it should
>>> use system resolver rather than querying by itself.

>2012/1/2 Matus UHLAR - fantomas <uhlar at fantomas.sk>:
>> BIND will not use system resolver. BIND is the resolver. Relying on other
>> resolver could cause troubles. If BIND does not need to resolve, it will
>> not. If it needs, don't block it.

On 02.01.12 16:42, Peter Andreev wrote:
>I understood your point, however it differs from mine.
>
>Matus, I'm afraid we won't find consent on this topic. So I offer you
>to stop this discussion.
>Thank you for suggestions and happy new year!

I don't see your point now. I'm afraid that you will have to live with 
the fact that you can not disable sending queries from BIND when it 
needs them, you can only prevent it by configuring BIND (so it will not 
need them) or firewall such packets so they will not get outside (which 
may break its functionality).

Maybe ISC will patch BIND to use system resolver for internal queries, 
but I doubt so. Maybe you can do it but imho it's not worth trying.

Maybe you can set up forward only; and forwarders {}; so BIND will 
forward all recursive queries it generates to your recursive servers.

But the way you are trying to get over this, I'm afraid you will fail 
and that's what I am trying to tell you.
-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT want to receive any advertising mail at this address.
How does cat play with mouse? cat /dev/mouse
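
A named.conf fragment for the "forward only" suggestion in the message above, added here as an example and not taken from the thread. The 192.0.2.x addresses, the zone name and the file name are placeholders.

```conf
// Constructed example: authoritative, slave-only server that hands the
// queries named generates for itself to the site's recursive servers.
// All addresses and names below are placeholders.
options {
    // Authoritative only: never recurse on behalf of clients.
    recursion no;

    // Send named's own lookups to these resolvers. Note that an empty
    // list (forwarders { };) turns forwarding off, so the recursive
    // servers must be listed here.
    forwarders { 192.0.2.53; 192.0.2.54; };

    // "only": do not fall back to iterating from the root servers when
    // the forwarders do not answer. The default, "forward first", would
    // try the forwarders and then query the roots directly.
    forward only;
};

zone "example.com" {
    type slave;
    masters { 192.0.2.1; };
    file "example.com.db";
};
```

`named-checkconf` validates the syntax before a reload. Capturing the server's outbound port 53 traffic afterwards shows whether anything still goes to hosts other than the forwarders and the masters.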


