впервые сказано пользователем .kkursor 09.10.2011 в 14:50
и с тех пор употреблялось 6
Сообщения со словом
Запрос выполнился за 0.0141
- 09.10.2011, 14:50. .kkursor в теме
«Помогите настроить bind»
... ipv6 address or the keyword any listen-on-v6 1 these zones are already covered by the empty zones listed below if you remove the related empty zones below comment these lines out disable-empty-zone 255 255 255 255 in-addr arpa in addition to the forwarders clause you can force your name server to never initiate queries of its own but always ask its forwarders only by enabling the following line forward only if you ve got a dns server around at your upstream provider enter its ip address here and enable the line below this will make you benefit from its cache thus reduce overall dns traffic in the internet forwarders 195 178 222 2 79 135 229 194 modern versions of bind use a random udp port for each outgoing query by default in order to dramatically reduce the possibility of cache poisoning all users are strongly encouraged to utilize this feature and to configure their firewalls to accommodate it as a last resort in order to get around a restrictive firewall policy you can try enabling the option below use of this option will significantly reduce your ability to withstand cache poisoning attacks and should be avoided if at all possible query-source address port nnnnn first in your etc resolv conf so this server will be queried also make sure to enable it in etc rc conf the traditional root hints mechanism use this or the slave zones below zone type hint file named root slaving the following zones from the root name servers has some significant advantages 1 faster local resolution for your users 2 no spurious traffic will be sent from your network to the roots 3 greater resilience to any potential root server failure ddos on the other hand this method requires more monitoring than the hints file to be sure that an unexpected failure mode has not incapacitated your server name servers that are serving a lot of clients will benefit more from this approach than individual hosts use with caution to use this mechanism uncomment the entries below and comment the hint zone above zone type slave file slave root slave masters 192 5 5 241 f root-servers net notify no zone arpa type slave file slave arpa slave masters 192 5 5 241 f root-servers net notify no zone in-addr arpa type slave file slave in-addr arpa slave masters 192 5 5 241 f root-servers net notify no serving the following zones locally will prevent any queries for these zones leaving your network and going to the root name...