Results 1 to 11 of 11
Thread: recursive lookups
-
01-06-2007, 05:37 PM #1WHT Addict
- Join Date
- Jan 2005
- Location
- Shelbyville, TN
- Posts
- 118
recursive lookups
when i do a
recursion no;" in the "options" of named.conf
it blocks email from coming into the server, and out as well.
What should i do?
Thanks
Robert
-
01-06-2007, 05:43 PM #2Junior Guru Wannabe
- Join Date
- Jun 2006
- Posts
- 67
Is your resolv.conf file configured? There should be the NS servers from your upstream provider, those IPs should be on the same network as you for the fastest NS replies.
ServerTweak Networks, LLC >> ServerTweak.com
Experience the fastest network and superior servers, feel the power of ServerTweak!
Fremont, CA DataCenter | Dedicated Servers | Colocation | Cross Connects HE.net | 1/4 - Full Cab Sales
-
01-06-2007, 10:17 PM #3WHT Addict
- Join Date
- Jan 2005
- Location
- Shelbyville, TN
- Posts
- 118
Yes my resolv.conf had my 2 ip name servers as well as a 3rd major one listed.
Im not sure why when i add the recursion no command mail is blocked both in and out.
I never had to config the named.conf before.
-
01-06-2007, 10:22 PM #4Retired Moderator
- Join Date
- Nov 2002
- Location
- WebHostingTalk
- Posts
- 8,901
* Moved to Technical and Security Issues...
SiriusI support the Human Rights Campaign!
Moving to the Tampa, Florida area? Check out life in the suburbs in Trinity, Florida.
-
01-06-2007, 10:27 PM #5Managed Hosting Expert
- Join Date
- Jan 2004
- Location
- North Yorkshire, UK
- Posts
- 4,164
If you are using your own box as nameservers you would have to replace recursion no with:
allow-recursion { 192.168.0.1; 192.168.0.2; };
etc...
Dan█ Dan Kitchen | Technical Director | Razorblue
█ ddi: (+44) (0)1748 900 680 | e: dkitchen@razorblue.com
█ UK Intensive Managed Hosting, Clusters and Colocation.
█ HP Servers, Cisco/Juniper Powered BGP Network (AS15692).
-
01-06-2007, 10:28 PM #6Web Hosting Master
- Join Date
- Apr 2003
- Location
- San Jose, CA.
- Posts
- 1,624
One solution would be to setup bind to use views.
So that any internal clients seeking resolution would be allowed recursion and any external clients would essentially see only an authoritative nameserver.
I don't know what version of Bind your using tho... But, I'd assume some revision of Bind9.
http://www.oreillynet.com/pub/a/orei...iews_0501.html
This might be overkill and Dan's solution would probably be easier to implement :p
-
01-06-2007, 10:46 PM #7Managed Hosting Expert
- Join Date
- Jan 2004
- Location
- North Yorkshire, UK
- Posts
- 4,164
Originally Posted by Lightwave
Dan█ Dan Kitchen | Technical Director | Razorblue
█ ddi: (+44) (0)1748 900 680 | e: dkitchen@razorblue.com
█ UK Intensive Managed Hosting, Clusters and Colocation.
█ HP Servers, Cisco/Juniper Powered BGP Network (AS15692).
-
01-06-2007, 11:09 PM #8WHT Addict
- Join Date
- Jan 2005
- Location
- Shelbyville, TN
- Posts
- 118
Hey thanks Razor allow-recursion { 192.168.0.1; 192.168.0.2; };
worked like a charm!
THanks alot!
-
01-07-2007, 04:03 AM #9Local tech for Los Angeles
- Join Date
- Feb 2003
- Location
- Panorama City, CA
- Posts
- 2,581
I believe you can use 192.168.1.0/24 (if there in the same block) if you have multiple boxes needing a DNS look up.
I haven't touched bind in a long time.
-
01-07-2007, 05:06 AM #10WHT Addict
- Join Date
- Jan 2005
- Location
- Shelbyville, TN
- Posts
- 118
I just added an ip for each ip on the machine, there not all on the same block.
-
01-07-2007, 09:04 AM #11Aspiring Evangelist
- Join Date
- Nov 2005
- Posts
- 352
Actually, you could have gotten away with using just 127.0.0.1 and the main IP of the server (and you probably don't even need that) in the "allow-recursion" statement. Those would be the only IP's that DNS traffic should originate from.