Date: Thu, 8 Jun 2006 07:30:54 +0400 (MSD) From: Maxim Konovalov <maxim@macomnet.ru> To: Lyndon Nerenberg <lyndon@orthanc.ca> Cc: current@freebsd.org Subject: Re: named recursive queries Message-ID: <20060608072636.C6097@mp2.macomnet.net> In-Reply-To: <6F58AE0B-7A48-4675-96C3-92899A4DF8AD@orthanc.ca> References: <20060608015022.Y52876@mp2.macomnet.net> <6F58AE0B-7A48-4675-96C3-92899A4DF8AD@orthanc.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 7 Jun 2006, 19:56-0700, Lyndon Nerenberg wrote:
> >I think we need to stop spread misconfigured named's too. Any
> >objections?
>
> I like OpenBSD's way a bit better:
>
> acl clients {
> localnets;
> : :1; 127.0.0.1;
> };
>
> options {
> allow-recursion { clients; };
> };
>
> It's the same as you propose, but also allows hosts on directly connected
> networks to query.
Yep, agreed. NetBSD's
allow-recursion { localhost; localnets; };
looks like a good compromise.
--
Maxim Konovalov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060608072636.C6097>