On 28.12.22 12:55, John Stimson via users wrote:
The machine has bind9 running locally to provide DNS for its own domain, and uses it for name resolution. 

On Wed, 28 Dec 2022, Matus UHLAR - fantomas wrote:
This is the problem:

Bind9 is configured to use OpenDNS and Google as forwarders.

BIND does NOT need forwarders and by using it, you mostprobably have created this problem.

remove forwarders statement.

On 28.12.22 13:28, John Hardin wrote:
You can also set up per-DNSBL forwarding suppression while still forwarding for other lookups:


   // Don't forward DNSBL/URIBL lookups to ISP
   zone "list.dnswl.org" IN {
       type forward;
       forward first;
       forwarders { };
   };

   zone "multi.uribl.com" IN {
       type forward;
       forward first;
       forwarders { };
   };

   ...etc. for all DNSBL subdomains.

while technically possible, it's really useless - as I said, BIND can perfectly resolve by itself, it's afaik most used DNS server.

forwarding to open resolvers just opens your DNS to possible problems with new and new zones.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
LSD will make your ECS screen display 16.7 million colors

Reply via email to