Mik J via bind-users <bind-users@lists.isc.org> wrote: > For a zone that I owned, the "recursive" servers forwards the request to > the authoritative server.
Beware: when you are forwarding the target server must be a recursive server. If you want to "forward" to an authoritative-only server, you must use "static-stub" zone configurations. You can sometimes get away with forwarding to an authoritative-only server, but it will break if you have a delegation to a zone that is hosted on different servers. This is because the recursive server will expect a full answer, but it will get a referral which it will fail to follow. My recursive servers are configured to have their own authoritative copies of our zones, rather than relying on our authoritative servers. This is to reduce the number of things that can go wrong, and so that the recursive servers can provide service even if all our other servers are unavailable. > I was reading about RPZ zones but it seems to me these are implemented > on authoritative servers? An RPZ zone must be authoritative, but normally it is configured on a recursive server. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Faeroes, Southeast Iceland: Cyclonic 4 or 5,becoming northwesterly 5 to 7. Rough or very rough, occasionally high at first. Wintry showers. Good, occasionally poor. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users