nw6.5 sp5
named 6.04.15
How can I Stop my primary server from doing recursive lookup (act resolver)
when I use www.dnsreport.se and test my zone fuv.se, I get a warning.
dnsreport has suggestions how to do that in Windows 2000, 2003, Simle DNS
Plus and Bind.
ERROR: One or more of your nameservers reports that it is an open DNS
server. This usually means that anyone in the world can query it for domains
it is not authoritative for (it is possible that the DNS server advertises
that it does recursive lookups when it does not, but that shouldn't happen).
This can cause an excessive load on your DNS server. Also, it is strongly
discouraged to have a DNS server be both authoritative for your domain and
be recursive (even if it is not open), due to the potential for cache
poisoning (with no recursion, there is no cache, and it is impossible to
poison it). Also, the bad guys could use your DNS server as part of an
attack, by forging their IP address.