X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=boot%2Fbind_options;h=857e2d2a5b5c4430ff53aa7e43f9214649292a8b;hb=refs%2Fheads%2Famsterdam;hp=040edb124d93bbae25a20af6d4da1280e7704128;hpb=150fb1f3a4051ab7ecc2db34691bcf1d2eccfbaa;p=demo.git

diff --git a/boot/bind_options b/boot/bind_options
index 040edb12..857e2d2a 100644
--- a/boot/bind_options
+++ b/boot/bind_options
@@ -4,14 +4,13 @@ acl "trusted" {
 options {
         directory "/var/cache/bind";
 
-        recursion no;                 # enables recursive queries
-        // allow-recursion { netmask; };  # allows recursive queries from "trusted” clients i.e. LB only
+        recursion yes;                # enables recursive queries
+        allow-recursion { any; };     # allows recursive queries from "trusted” clients i.e. LB only
         listen-on { dns_ip_addr; };   # ns1 IP address - listen on this address only
         allow-transfer { none; };      # disable zone transfers by default
 
         forwarders {
-                8.8.8.8;
-                8.8.4.4;
+                dns_forwarder;
         };
 
         // If there is a firewall between you and nameservers you want
@@ -31,7 +30,7 @@ options {
         // If BIND logs error messages about the root key being expired,
         // you will need to update your keys.  See https://www.isc.org/bind-keys
         //========================================================================
-        dnssec-validation auto;
+        dnssec-validation no;
 
         auth-nxdomain no;    # conform to RFC1035
         listen-on-v6 { any; };