Question About Internal Recursive Resolvers
Bob McDonald
bmcdonaldjr at gmail.com
Tue Oct 18 13:23:31 UTC 2022
Let's not overthink this. I fear that I've activated a lot of creative
circuitry in individuals and provided flimsy details around my example.
There are no outside clients. In this example, I'm only discussing inside
clients on inside DNS. The recursive resolvers that ALL inside clients
connect to will seek responses from the DNS root servers AFTER determining
that the response can not be determined from the internal DNS zones. There
is no access provided to outside (internet centric) clients to inside DNS.
The determination of known/unknown clients is via a NAC layer and further,
the classification of unknown gets automatically assigned to those clients
combining in through GUEST WiFi (e.g. cell phones, ipads, etc.). Most
organizations with a NAC layer in place have procedures to allow unknown
clients temporary access at some level (e.g. vendors, etc.).
HTH,
Bob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20221018/552b0bdc/attachment.htm>
More information about the bind-users
mailing list