Re: named recursive queries

From: Maxim Konovalov <maxim_at_macomnet.ru> Date: Thu, 8 Jun 2006 07:30:54 +0400 (MSD) · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:56 UTC

On Wed, 7 Jun 2006, 19:56-0700, Lyndon Nerenberg wrote:

> >I think we need to stop spread misconfigured named's too.  Any
> >objections?
>
> I like OpenBSD's way a bit better:
>
> acl clients {
>        localnets;
>        : :1; 127.0.0.1;
> };
>
> options {
>        allow-recursion { clients; };
> };
>
> It's the same as you propose, but also allows hosts on directly connected
> networks to query.

Yep, agreed.  NetBSD's

allow-recursion { localhost; localnets; };

looks like a good compromise.

-- 
Maxim Konovalov