North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: AW: Odd policy question.
- From: Randy Bush
- Date: Fri Jan 13 17:12:45 2006
>>> it is a best practice to separate authoritative and recursive
>>> servers.
>> why?
> Because it prevents stale, authoritative data on your nameservers
> being returned to intermediate-mode resolvers in the form of
> apparently authoritative answers, bypassing a valid delegation chain
> from the root.
and thereby hiding the fact that someone has either lame delegated
or i have forgotten to remove an auth zone, both cases i want to
catch. not a win here.
randy
|
