[dns-operations] Best Practices in DNS security

Paul Vixie paul at vix.com
Sat Mar 18 00:27:43 UTC 2006

# >1. you should not run authority and recursion in the same name server even
# >if you can figure out how to ACL those services differently (your authority
# >service needs to be externally-reachable, your recursive service needs to
# >be internal-only.)
# I'm trying to wrap my head around why ACL'ing those services differently
# wouldn't be sufficient.  I don't see why this wouldn't meet your criteria...

see <http://lists.oarci.net/pipermail/dns-operations/2006-March/000288.html>.

More information about the dns-operations mailing list