Date: Mon, 17 Jul 2006 15:34:24 +0400 (MSD) From: Maxim Konovalov <maxim@macomnet.ru> To: Jeremie Le Hen <jeremie@le-hen.org> Cc: dougb@freebsd.org, current@freebsd.org Subject: Re: [fbsd] named recursive queries Message-ID: <20060717153233.Y48063@mp2.macomnet.net> In-Reply-To: <20060717113130.GD6253@obiwan.tataz.chchile.org> References: <20060608015022.Y52876@mp2.macomnet.net> <20060717113130.GD6253@obiwan.tataz.chchile.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 17 Jul 2006, 13:31+0200, Jeremie Le Hen wrote: > Hi Maxim, > > On Thu, Jun 08, 2006 at 01:57:20AM +0400, Maxim Konovalov wrote: > > [ Bikeshed zone ] > > > > I think we need to stop spread misconfigured named's too. Any > > objections? > > > > Index: named.conf > > =================================================================== > > RCS file: /home/ncvs/src/etc/namedb/named.conf,v > > retrieving revision 1.22 > > diff -u -p -r1.22 named.conf > > --- named.conf 5 Sep 2005 13:42:22 -0000 1.22 > > +++ named.conf 7 Jun 2006 21:56:26 -0000 > > @@ -30,6 +30,13 @@ options { > > // > > // forward only; > > > > +// Prevent external networks from using us to query domains we are not > > +// authoritative for. > > +// > > + allow-recursion { > > + localhost; > > + }; > > + > > // If you've got a DNS server around at your upstream provider, enter > > // its IP address here, and enable the line below. This will make you > > // benefit from its cache, thus reduce overall DNS traffic in the Internet. > > Albeit this has been widely agreed, this has not been commited yet. > Does any reason explain this, or you just forgot it ? No, I don't forget -- Doug has some ideas. -- Maxim Konovalov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060717153233.Y48063>