From 28953ef030bae8ef9937d0056b46b1ff55ddfc71 Mon Sep 17 00:00:00 2001
From: Guo Ruijing <ruijing.guo@intel.com>
Date: Wed, 17 May 2017 08:22:34 +0800
Subject: [PATCH] Fix dns lookup failure

Change-Id: I30f45e82ccb4268bd6ba8b93485ddba17650c010
Signed-off-by: Guo Ruijing <ruijing.guo@intel.com>
---
 boot/bind_options | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/boot/bind_options b/boot/bind_options
index 040edb12..49957325 100644
--- a/boot/bind_options
+++ b/boot/bind_options
@@ -4,8 +4,8 @@ acl "trusted" {
 options {
         directory "/var/cache/bind";
 
-        recursion no;                 # enables recursive queries
-        // allow-recursion { netmask; };  # allows recursive queries from "trusted” clients i.e. LB only
+        recursion yes;                # enables recursive queries
+        allow-recursion { any; };     # allows recursive queries from "trusted” clients i.e. LB only
         listen-on { dns_ip_addr; };   # ns1 IP address - listen on this address only
         allow-transfer { none; };      # disable zone transfers by default
 
@@ -31,7 +31,7 @@ options {
         // If BIND logs error messages about the root key being expired,
         // you will need to update your keys.  See https://www.isc.org/bind-keys
         //========================================================================
-        dnssec-validation auto;
+        dnssec-validation no;
 
         auth-nxdomain no;    # conform to RFC1035
         listen-on-v6 { any; };
-- 
2.16.6