Package: release-notes I suggest the following for inclusion in the release notes:
By default, BIND no longer serves recursive queries to external hosts, only to localhost and RFC 1918 private address space. To restore the previous behavior, add allow-query-cache and allow-recursion statements to the /etc/bind/named.conf.options file. BIND 8 has been removed. This is based on the following NEWS item from the bind9 package. You could also use that instead. bind9 (1:9.4.0-1) experimental; urgency=low As of bind 9.4, allow-query-cache and allow-recursion default to the builtin acls 'localnets' and 'localhost'. If you are setting up a name server for a network, you will almost certainly need to change this. The change in default has been done to make caching servers less attractive as reflective amplifying targets for spoofed traffic. This still leaves authoritative servers exposed. The best fix is for full BCP 38 deployment to remove spoofed traffic. -- LaMont Jones <[email protected]> Wed, 03 Oct 2007 00:52:44 -0600 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
