Paul Wouters paul at nohats.ca
Tue Jun 6 02:55:05 UTC 2017

On Tue, 6 Jun 2017, Sebastian Nielsen wrote:

>>> Is it possible to tell NSD to just drop recursive queries, instead of replying with a “REFUSED” message?
>> Why do you want to receive double the queries?

> What do you mean?

If a real DNS client is sending you a query, and it does not get a
response, it will likely try 2 more times. By not answering, you
will get double or triple the traffic.

> Some security scans say the following:
> External Query:
> Rejected (Recommended: Drop)
> And list it as a yellow status.

Some security software needs to hire some DNS people :)


