[CentOS] DNS forwarding vs recursion

Thu Mar 28 18:05:42 UTC 2013
John R Pierce <pierce at hogranch.com>

I have 2 CentOS servers that are both authoritative DNS for several 
domains and local resolvers.    As configured, they are publicly visible 
resolvers, which I've known for awhile is not a good thing.

whats the appropriate way of configuring the bind on CentOS 5.current to 
not allow recursion on queries from the public side, but still allow 
recursion locally?     is it as simple as adding allow-recursion{} with 
the appropriate private subnets and localhost to named.conf ?


-- 
john r pierce                                      37N 122W
somewhere on the middle of the left coast