Anurag Bhatia <m...@anuragbhatia.com> wrote: > > Now I see presence of some (legitimate) DNS forwarders and hence I don't > wish to limit queries.
You are going to have to change your mind about this one. Open recursive resolvers are a really bad idea, unless you can afford a lot of time and cleverness to manage the abuse. Get your users to choose a more appropriate name server, and restrict your name server to your local networks. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first. Rough, becoming slight or moderate. Showers, rain at first. Moderate or good, occasionally poor at first.
