On 21 January 2014 09:03, LuKreme <krem...@kreme.com> wrote: > If you set recursion no; in named.conf, you need to set the forwarders as > well. Is there anything else that must be done so that DNS queries still work?
Forwarding will not work if you don't have recursion enabled. With recursion disabled you are a pure authoritative server, you will only answer queries to which you are serving data for. > If you have master/slave servers you should specify allow-recursion for your > subnet instead, right? I'd you do this, you don't need to set forwarders, yes? Recursion has no effect with the master/slave relationship. Recursion is only needed if clients need to be able to resolve names and you want your nameserver to lookup that answer for them. If you have recursion enabled then no you don't need to specify forwarders, but you do need to ensure your nameservers have full outbound DNS to the Internet (and all of the Internet) and it isn't blocked by any firewall. > And finally, can you specify a slave DNS against a CNAME or must it have a > rDNS and an A record? No, http://tools.ietf.org/html/rfc2181 - Section 10.3: The domain name used as the value of a NS resource record, or part of the value of a MX resource record must not be an alias. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users