[fbsd] named recursive queries
Jeremie Le Hen
jeremie at le-hen.org
Mon Jul 17 11:30:54 UTC 2006
Hi Maxim,
On Thu, Jun 08, 2006 at 01:57:20AM +0400, Maxim Konovalov wrote:
> [ Bikeshed zone ]
>
> I think we need to stop spread misconfigured named's too. Any
> objections?
>
> Index: named.conf
> ===================================================================
> RCS file: /home/ncvs/src/etc/namedb/named.conf,v
> retrieving revision 1.22
> diff -u -p -r1.22 named.conf
> --- named.conf 5 Sep 2005 13:42:22 -0000 1.22
> +++ named.conf 7 Jun 2006 21:56:26 -0000
> @@ -30,6 +30,13 @@ options {
> //
> // forward only;
>
> +// Prevent external networks from using us to query domains we are not
> +// authoritative for.
> +//
> + allow-recursion {
> + localhost;
> + };
> +
> // If you've got a DNS server around at your upstream provider, enter
> // its IP address here, and enable the line below. This will make you
> // benefit from its cache, thus reduce overall DNS traffic in the Internet.
Albeit this has been widely agreed, this has not been commited yet.
Does any reason explain this, or you just forgot it ?
Regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
More information about the freebsd-current
mailing list