Richard Creighton wrote:
Bad choice of log exerpt....I have thousands of NON NS non MS queries and yes ricreig.com is my domain and I limit forwarded queries from out of localnet with 'options allow-recursion { localnet; }; ' in named.conf.
But you have also prevented me from doing this: "dig @ns2.ricreig.com. ns1.ricreig.com. AAAA" ; <<>> DiG 9.3.2 <<>> @ns2.ricreig.com. ns1.ricreig.com. AAAA ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 50945 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;ns1.ricreig.com. IN AAAA ;; Query time: 152 msec ;; SERVER: 70.46.31.228#53(70.46.31.228) ;; WHEN: Sun Jul 29 14:31:49 2007 ;; MSG SIZE rcvd: 33 which I still think is odd - especially as you allow that query on ns1.ricreig.com ? /Per Jessen, Zürich -- http://www.spamchek.com/ - your spam is our business. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org