How to I prevent sending additional data to everybody?
Grant Taylor
gtaylor at tnetconsulting.net
Tue Mar 5 17:34:29 UTC 2019
Hi,
I need some help understanding why the following doesn't work as desired.
I want to 1) allow recursion from subnets defined in myACL, 2) block
recursion from the rest of the world, and 3) not return any additional
data to anybody.
options {
…
additional-from-auth no;
additional-from-cache no;
allow-recursion { myACL; };
// recursion no;
…
};
…
acl myACL {
192.0.2.0/24; // Test-Net-1
198.51.100.0/24; // Test-Net-2
203.0.113.0/24; // Test-Net-3
};
My initial testing shows that BIND 9.10.3-P4-Ubuntu will return
additional data to clients that aren't included in myACL. However it
will not return additional data for clients that are included in myACL.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4008 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20190305/149a6ec8/attachment-0001.bin>
More information about the bind-users
mailing list