That ought to work, and work well.
This will not impact outside name servers that query your name server,
because they send iterative queries. If they're sending recursive
queries, they're abusing your server. I can't see any problems with this
approach.
If you have authoritative data in the
In message [EMAIL PROTECTED]
t, Alberto Colosi/SI/RM/GSI/it writes:
why not? beter handled by isc and done in a clean way then 1.000.000 of
dirty ways as these ;)
Please go read RFC 5358. No where in there does it say to
drop responses. If we though that dropping queries was
On Dec 3, 6:26 pm, Mark Andrews [EMAIL PROTECTED] wrote:
If it is a forged packet it should be dropped regardless of the setting
of RD.
True, however not something that's easily determined from a distance.
Ideally ingress filtering would render this a non-issue, however
there obviously holes
3 matches
Mail list logo