Sorry, I forgot to mention that the Servers were running "Windows Server 2008". Linux does not seem to be affected.
Von: bind-users-bounces+rolf.haynberg=1und1...@lists.isc.org [mailto:bind-users-bounces+rolf.haynberg=1und1...@lists.isc.org] Im Auftrag von Rolf Haynberg Gesendet: Donnerstag, 20. Juni 2013 14:57 An: bind-users@lists.isc.org Betreff: what is the localnet with netmask 255.255.255.255? Hi Bind-Users and Devs, We are running servers which have an IP netmask of 255.255.255.255 and on which we had configured BIND to "allow-recursion { localnets; };". In this setting I would expect that only requests from the localhost allow recursion as there is no localnet. However, BIND allows recursion globally, here - and we were running open resolvers. Could this be a bug or is this the wanted behavior? To the background of my question: Every Parallels Plesk installation brings a BIND with default config set to "allow-recursion { localnets; };". I would humbly assume that the above described behavior could be the reason for at least some open resolvers in the wild. I'm happy to read your comments, Rolf In article <Pine.NEB.3.96.1000408121723.56992A-100000 at shell-1.enteract.com>, Lance Spitzner <lspitz at enteract.com> wrote: >I am attempting to limit recursive requests >to my internal network only. However, > > allow-recursion { localnets; }; > > Doesn't seem to be doing the trick. What > is the proper way of limiting recursive lookups > to a specific system/network? That's the way to do it. What seems to be going wrong? -- Barry Margolin, barmar at genuity.net Genuity, Burlington, MA *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups. Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
