Link to home
Create AccountLog in
Avatar of JeffBeall
JeffBeallFlag for United States of America

asked on

dns queries

I have been learning about DNS and came across this statement

"configure your server to refuse recursive queries from outside your own IP range"

but there wasn't a good explanation as to why you should do this.
Anybody have a good reason why you would want to have your server refuse recursive queries?
SOLUTION
Avatar of IT20701
IT20701
Flag of Afghanistan image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
ASKER CERTIFIED SOLUTION
Avatar of Patrick Bogers
Patrick Bogers
Flag of Netherlands image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Avatar of JeffBeall

ASKER

so Patricksr1972, do you mean that answering dns queries for internal users, is like answering for people inside the "house".
but answering the other way around, is like answering people outside of the "house", so like keeping the "door" opened.
so setting the server to  refuse recursive queries, is like someone outside the "house" or domain, asking the server something, and the server refuses to answer.
That is correct.
thank you