On Dec 3, 2009, at 10:16 AM, Kevin Darcy wrote: > Chris Buxton wrote: >> On Dec 2, 2009, at 6:40 AM, Dmitry Rybin wrote: >>> Hello! >>> >>> I can't find in docs how disable answer (Refused), if recursion for IP is >>> not allowed? >> >> >> Something like this should work: >> _________________________________ >> >> view caching-server { >> match-recursive-only yes; >> blackhole { ! authorized-clients; any; }; >> // any other resolution configuration goes here >> }; >> > > "This should work" <--- one of the scariest phrases in the computing field :-)
True, true. It means, of course, "The docs suggest this will work, but I haven't actually tested it." > Unfortunately, "blackhole" can only appear the (global) "options" clause: I'm happy to be corrected. You'd never know this from reading the BIND ARM. >From the description of the view statement: Many of the options given in the options statement can also be used within a view statement, and then apply only when resolving queries with that view. There is no definitive list of the options that can or can not be used in a view. Likewise, the description of the blackhole statement makes no mention of the fact that it's not valid inside a view. So, to the original poster, we're back to "it can't be done with BIND configuration." Of course, you could hack the BIND source code... Chris Buxton Professional Services Men & Mice _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users