On Sat, Dec 09, 2006 at 01:18:47PM +1100, Voytek Eymont wrote:
> I've looked the link for info http://dnsreport.com/info/opendns.htm
> and, inserted this into my named.conf:
> 
>     recursion no;
>     allow-recursion {
>     203.42.34.53;
>     203.42.34.54;
>     };
> 
> <[email protected]>: Host or domain name not found. Name service error for
>     name=slug.org.au type=A: Host found but no data record of requested type
> ------------------------------------
> 
> what have I done wrong ?

From memory you want:

    recursion yes; // or leave it out
    allow-recursion {
        203.42.34.53;
        203.42.34.54;
    };

Basically the default is
    allow-recursion {
        any;
    };

So as soon as you restrict it only those IPs are allowed.

If you want to be even more restrictive you should do the following.

   allow-query {
       203.42.34.53;
       203.42.34.54;
   };

in named.conf and then inside all of your zone definitions.
        allow-query { any; };

The reason you do this is because of the following scenario.

Say you just restarted bind and do
dig slug.org.au @nameserver

I won't get a response

If 203.42.34.53 then looks up slug.org.au and then I do
dig slug.org.au @nameserver

I will get a response since a recursion isn't required as the result
is already cached.

The allow-query prevents this.


-- 
John
http://www.inodes.org/
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
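
The pieces from the reply above assembled into one named.conf layout, as an added example that is not part of the original message. The zone name `example.com` and its file path are placeholders; the two client addresses are the ones from the thread.

```conf
// Constructed layout; zone name and file path are placeholders.
options {
    recursion yes;                 // the default, may be omitted

    // Only these clients may trigger recursive lookups.
    allow-recursion {
        203.42.34.53;
        203.42.34.54;
    };

    // Global default: only these clients may query at all, so
    // answers already sitting in the cache are not handed to others.
    allow-query {
        203.42.34.53;
        203.42.34.54;
    };
};

// Every zone this server is authoritative for reopens queries to
// everyone, overriding the global allow-query for that zone only.
zone "example.com" {
    type master;
    file "example.com.zone";       // placeholder path
    allow-query { any; };
};
```

Running `named-checkconf` against the file catches syntax errors before named is reloaded.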
