Ulrich Spoerlein wrote:
Lyndon Nerenberg wrote:
The solution is to run a local caching nameserver instance. You should do this anyway, for
performance reasons. Add 'named_enable="YES"' to /etc/rc.conf, and modify your
/etc/dhclient.conf as follows:
Good idea, but this defeates the hierarchical purpose of DNS. Now my
caching DNS is always querying the root DNS servers.
Yes, and is actually sending valid queries driven by a human trying to do
something useful. Serving legitimate traffic isn't a problem for the root
nameservers, but you could always set up a forwarder line to use the local
ISP's nameserver first.
[ The root nameservers are seeing upwards of 90% bogus queries (ie, invalid
queries, misplaced assertions from DNS servers claiming to be root
nameservers themselves, Kaspersky-style DoS attacks, etc). ]
And there might be ISPs who disallow outgoing DNS connections to
somewhere else than their own DNS servers.
There are people offering "walled gardens" which prevent normal Internet
access but provide some limited services; such aren't really "ISP"s, though.
--
-Chuck
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"