named recursive queries

[Maxim Konovalov]

On Wed, 7 Jun 2006, 19:56-0700, Lyndon Nerenberg wrote:

> >I think we need to stop spread misconfigured named's too.  Any
> >objections?
>
> I like OpenBSD's way a bit better:
>
> acl clients {
>        localnets;
>        : :1; 127.0.0.1;
> };
>
> options {
>        allow-recursion { clients; };
> };
>
> It's the same as you propose, but also allows hosts on directly connected
> networks to query.

Yep, agreed.  NetBSD's

allow-recursion { localhost; localnets; };

looks like a good compromise.

-- 
Maxim Konovalov