allow-recursion and allow-query-cache have different defaults.
From README
New option allow-query-cache. This lets allow-query
be used to specify the default zone access level rather
than having to have every zone override the global value.
allow-query-cache can be set at both the options and view
levels. If allow-query-cache is not set then allow-recursion
is used if set, otherwise allow-query is used if set
unless recursion no; is set in which case none; is used,
otherwise the default (localhost; localnets;) is used.
Mark
In message cf090150-f1c9-45c7-a4dd-6a5e1c429...@cs.moravian.edu, myron writes
:
--===0424927304202673050==
Content-Type: multipart/alternative; boundary=Apple-Mail-233-881694232
--Apple-Mail-233-881694232
Content-Type: text/plain;
charset=US-ASCII;
format=flowed;
delsp=yes
Content-Transfer-Encoding: 7bit
I gave the wrong view if that makes the difference. That was the
internal network.
view external {
match-clients { any; };
recursion no;
--myron
=
Myron Kowalski
MoCoSIN Network/Systems Administrator
Moravian College
my...@cs.moravian.edu
Begin forwarded message:
From: myron kowal...@cs.moravian.edu
Date: April 6, 2009 12:00:55 PM EDT
To: bind-users@lists.isc.org
Subject: ip forwarding DNS 9.6.0
I upgraded from 9.2.3.
I can't seem to do forwarding from a browser.
Everything works from 9.2.3. When I swap out to 9.6.0, from a
command line I
can do: nslookup; ping outside the domain; traceroute outside the
domain.
From a web browser I can get out if I use the ip address. However,
when I
put in a canonical name get an rcode 5.
There's a barracuda spam firewall in the path. If I take it out,
then everything works.
There's really nothing to change on the barracuda as far as dns is
concerned, other
than pointing to a dns server.
snoop on the wire:
9.6.0
barracuda - ns DNS C www22.verizon.com. Internet Addr ?
ns - barracuda DNS R Error: 5(Refused)
9.2.3
barracuda - ns DNS C www22.verizon.com. Internet Addr ?
ns - barracuda DNS R www22.verizon.com. Internet CNAME
www22.verizon.com.edgekey.net.
I glanced through the archives and found some suggestions about
recursions to ip forwarding. I think the
conf is set up correctly. At least, it works fine with 9.2.3.
Here's some of my named.conf edited.
acl mylab {
10.0.0.0/8;
};
options {
directory /etc/dns;
auth-nxdomain yes;
};
view trusted {
match-clients { mylab; };
recursion yes;
zone moravian.edu in {
type forward;
forwarders { 10.22.5.32; 10.22.5.38; };
};
Any help appreciated.
--myron
=
Myron Kowalski
MoCoSIN Network/Systems Administrator
Moravian College
my...@cs.moravian.edu
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--Apple-Mail-233-881694232
Content-Type: text/html;
charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
htmlbody style=3Dword-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; I gave the wrong view if that =
makes the difference. That was the internal network.brbrview =
external {brnbsp;match-clients { any; };brnbsp;recursion =
no;brdivbr class=3Dwebkit-block-placeholder/divdiv =
apple-content-edited=3Dtrue span class=3DApple-style-span =
style=3Dborder-collapse: separate; color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 12px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-align: auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0; div style=3Dword-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
divdiv--myron/divdiv=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D/divdivMyron =
Kowalski/divdivMoCoSIN Network/Systems =
Administrator/divdivMoravian College/divdiva =
href=3Dmailto:my...@cs.moravian.edu;my...@cs.moravian.edu/a/divdiv=
br/div/div/div/spanbr class=3DApple-interchange-newline =
/divdivbrdivBegin forwarded message:/divbr =
class=3DApple-interchange-newlineblockquote type=3Dcitedivdiv =
style=3Dmargin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font face=3DHelvetica size=3D3 color=3D#00 =
style=3Dfont: 12.0px Helvetica; color: #00bFrom: =
/b/fontfont face=3DHelvetica
