[dns-operations] Best Practices in DNS security
Paul Vixie
paul at vix.com
Fri Mar 17 18:06:13 UTC 2006
# Basically I'm trying very hard to find how bad running authoritative and
# recursive service on the same nameserver actually is. In our case
# splitting them is on the todo list, but I'm unable to get a feeling for
# the urgency....and what the real problems are (that won't be fixed in
# another release of bind :) ).
this isn't a bind-specific issue, other than in how bind guesses the way to
behave when the rfc doesn't specify. here's how i put it on namedroppers@
recently, and how pvm (author of the original dns spec) answered me, and
what my followup questions were.
-------------- next part --------------
An embedded message was scrubbed...
From: Paul Vixie <paul at vix.com>
Subject: the RD bit is troubling me today
Date: Sat, 04 Feb 2006 01:37:17 +0000
Size: 2712
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20060317/941f79e1/attachment.mht>
-------------- next part --------------
An embedded message was scrubbed...
From: Paul Vixie <paul at vix.com>
Subject: Re: the RD bit is troubling me today
Date: Wed, 08 Feb 2006 03:33:38 +0000
Size: 2597
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20060317/941f79e1/attachment-0001.mht>
-------------- next part --------------
An embedded message was scrubbed...
From: Paul Vixie <paul at vix.com>
Subject: Re: the RD bit is troubling me today
Date: Wed, 08 Feb 2006 08:06:51 +0000
Size: 3249
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20060317/941f79e1/attachment-0002.mht>
More information about the dns-operations
mailing list