Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 17 Jul 2006 15:34:24 +0400 (MSD)
From:      Maxim Konovalov <maxim@macomnet.ru>
To:        Jeremie Le Hen <jeremie@le-hen.org>
Cc:        dougb@freebsd.org, current@freebsd.org
Subject:   Re: [fbsd] named recursive queries
Message-ID:  <20060717153233.Y48063@mp2.macomnet.net>
In-Reply-To: <20060717113130.GD6253@obiwan.tataz.chchile.org>
References:  <20060608015022.Y52876@mp2.macomnet.net> <20060717113130.GD6253@obiwan.tataz.chchile.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 17 Jul 2006, 13:31+0200, Jeremie Le Hen wrote:

> Hi Maxim,
>
> On Thu, Jun 08, 2006 at 01:57:20AM +0400, Maxim Konovalov wrote:
> > [ Bikeshed zone ]
> >
> > I think we need to stop spread misconfigured named's too.  Any
> > objections?
> >
> > Index: named.conf
> > ===================================================================
> > RCS file: /home/ncvs/src/etc/namedb/named.conf,v
> > retrieving revision 1.22
> > diff -u -p -r1.22 named.conf
> > --- named.conf	5 Sep 2005 13:42:22 -0000	1.22
> > +++ named.conf	7 Jun 2006 21:56:26 -0000
> > @@ -30,6 +30,13 @@ options {
> >  //
> >  //      forward only;
> >
> > +// Prevent external networks from using us to query domains we are not
> > +// authoritative for.
> > +//
> > +	allow-recursion {
> > +		localhost;
> > +	};
> > +
> >  // If you've got a DNS server around at your upstream provider, enter
> >  // its IP address here, and enable the line below.  This will make you
> >  // benefit from its cache, thus reduce overall DNS traffic in the Internet.
>
> Albeit this has been widely agreed, this has not been commited yet.
> Does any reason explain this, or you just forgot it ?

No, I don't forget -- Doug has some ideas.

-- 
Maxim Konovalov



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060717153233.Y48063>