Disallow recursive DNS queries

author Marco Platania <platania@research.att.com>

Tue, 4 Apr 2017 16:35:22 +0000 (12:35 -0400)

committer Marco Platania <platania@research.att.com>

Tue, 4 Apr 2017 16:35:22 +0000 (12:35 -0400)
author Marco Platania <platania@research.att.com>
Tue, 4 Apr 2017 16:35:22 +0000 (12:35 -0400)
committer Marco Platania <platania@research.att.com>
Tue, 4 Apr 2017 16:35:22 +0000 (12:35 -0400)
diff --git a/boot/bind_options b/boot/bind_options

index d65cc32..0bb6769 100644 (file)
--- a/boot/bind_options
+++ b/boot/bind_options
@@ -4,8 +4,8 @@ acl "trusted" {
  options {
          directory "/var/cache/bind";
  
-        recursion yes;                 # enables recursive queries
-        allow-recursion { netmask; };  # allows recursive queries from "trusted” clients i.e. LB only
+        recursion no;                 # enables recursive queries
+        //allow-recursion { netmask; };  # allows recursive queries from "trusted” clients i.e. LB only
          listen-on { dns_ip_addr; };   # ns1 IP address - listen on this address only
          allow-transfer { none; };      # disable zone transfers by default
  
diff --git a/boot/bind_zones b/boot/bind_zones

index 1c0b27e..73b2158 100644 (file)
--- a/boot/bind_zones
+++ b/boot/bind_zones
@@ -64,7 +64,7 @@ vm1.portal.simpledemo.openecomp.org.           IN      A       portal_ip_addr
  c1.vm1.portal.simpledemo.openecomp.org.        IN      A       portal_ip_addr
  c2.vm1.portal.simpledemo.openecomp.org.        IN      A       portal_ip_addr
  
-vm1.aaf.simpledemo.openecomp.org.      IN      A       aaf_ip_addr
+;vm1.aaf.simpledemo.openecomp.org.     IN      A       aaf_ip_addr
  
  vm1.mr.simpledemo.openecomp.org.       IN      A       mr_ip_addr
author	Marco Platania <platania@research.att.com>
	Tue, 4 Apr 2017 16:35:22 +0000 (12:35 -0400)
committer	Marco Platania <platania@research.att.com>
	Tue, 4 Apr 2017 16:35:22 +0000 (12:35 -0400)
boot/bind_options		patch \| blob \| history
boot/bind_zones		patch \| blob \| history