Отключение рекурсии на DNS

собственно кратенький мануал

Configuring OpenDNS on routers and modems ensures that all computers and devices that connect to that router or modem use OpenDNS and the subsequent Web content filtering and security settings. This is recommended as the best-practice configuration to use for networks that do not have an internal DNS server.
Please note that if you choose to leave the settings as they are, and abuse is generated, you will receive a notification warning, which can lead to a block of all involved IP addresses and/or servers. If you have any questions, do not hesitate to contact us.
If you run bind please add / change the following in named.conf or named.conf.options
These files should be located in /etc/bind/

// Disable recursion for the DNS service
options {
recursion no;
};

 

If you do require recursive queries from certain source addresses please add the IP addresses in the allow-query area of the same named.conf or named.conf.options files.

 

// Permit DNS queries for DNS messages with source addresses
// in the 192.168.1.0/24 netblock. The 'allow-query-cache'
// options configuration can also be used to limit the IP
// addresses permitted to obtain answers from the cache of
// the DNS server. Substitute with your own network range.
//
options {
allow-query {192.168.1.0/24;};
};

 

 

If you are running a windows DNS server you can disable recursion on the DNS server using the Windows interface

1. Open DNS Manager.
2. In the console tree, right-click the applicable DNS server, then click Properties.

Where? DNS/applicable DNS server

3. Click the Advanced tab.
4. In Server options, select the Disable recursion check box, and then click OK.

Additional considerations
— To open DNS Manager, click Start, point to Administrative Tools, and then click DNS.
— If you disable recursion on the DNS server, you will not be able to use forwarders on the same server.

 

To disable recursion on the DNS server using a command line

1.Open a command prompt.

2. Type the following command, and then press ENTER:

 dnscmd <ServerName> /Config /NoRecursion {1|0}

Parameter Description

 dnscmd

Specifies the name of the command-line tool for managing DNS servers.

  <ServerName>

Required. Specifies the DNS host name of the DNS server. You can also type the IP address of the DNS server. To specify the DNS server on the local computer, you can also type a period (.).

 /Config

Required. Specifies that the command configures the specified server.

 /NoRecursion

Required. Disables recursion.

 {1|0}

Required. To disable recursion, type 1 (off). To enable recursion, type 0 (on). By default, recursion is enabled.

 

 

Добавить комментарий

Ваш e-mail не будет опубликован. Обязательные поля помечены *