On 6/11/19 11:10 PM, Jonas Frey wrote: > This whole BCP (whatever that includes in detail) is nowhere > documented.
hi, to be honest there is a meaningful BCP about the topic: RFC 5358, BCP 140, Preventing Use of Recursive Nameservers in Reflector Attacks. under "Recommended configuration" paragraph: In general, it is a good idea to keep recursive and authoritative services separate as much as practical. -- antonio
signature.asc
Description: OpenPGP digital signature
