Question About Internal Recursive Resolvers
Grant Taylor
gtaylor at tnetconsulting.net
Sat Oct 15 23:44:10 UTC 2022
On 10/15/22 1:51 PM, Greg Choules via bind-users wrote:
> Hi Grant.
Hi Gred,
I'm quickly replying to your message. I'll reply to Matus & Fred later
when I have more time for a proper reply.
> My understanding is this, which is almost identical to what I did in a
> former life:
>
> client ---recursive_query---> recursive_DNS_server
> ---non_recursive_query---> internal_auth/Internet
>
> where:
> client == laptop/phone/server running stub resolver code
> recursive_DNS_server == what Bob is asking about, a recursive-only DNS
> server
> internal_auth == the other component, an authoritative-only DNS server
ACK
I that's the topology I had in my mental map.
> Separation of internal and external clients - preventing external ones
> from accessing internal names - is easily achieved with a couple of
> views, such as this:
I /absolutely/ agree with you. However "views" is /non-default/. --
To reflect Bob's original message.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20221015/cbaedaf5/attachment-0001.bin>
More information about the bind-users
mailing list