I have 2 CentOS servers that are both authoritative DNS for several
domains and local resolvers. As configured, they are publicly visible
resolvers, which I've known for awhile is not a good thing.
whats the appropriate way of configuring the bind on CentOS 5.current to
not allow recursion on queries from the public side, but still allow
recursion locally? is it as simple as adding allow-recursion{} with
the appropriate private subnets and localhost to named.conf ?
--
john r pierce 37N 122W
somewhere on the middle of the left coast