[DNSfirewalls] Response Policy Zone: disabling "leaking" of lookups

Fred Morris m3047 at m3047.net
Thu Sep 3 18:44:56 UTC 2020


Carl Byington wrote:
> On Wed, 2020-09-02 at 17:47 -0700, Fred Morris wrote:
> > how do I disable the (useless) resolution directed at upstream
> > servers?
>
> Isn't that just "qname-wait-recurse no;"
>
You are correct! I got confused and the doc didn't help. The logic is
tri-state:

*Default* (not present): The lookup is performed, but isn't waited for.

*Yes*: Resolution waits for the lookup to complete.

*No*: Resolution is not performed.


Verified by testing. :-) Thanks for the sanity check.

--

Fred Morris




More information about the DNSfirewalls mailing list