[DNSfirewalls] Response Policy Zone: disabling "leaking" of lookups
Fred Morris
m3047 at m3047.net
Thu Sep 3 18:44:56 UTC 2020
Carl Byington wrote:
> On Wed, 2020-09-02 at 17:47 -0700, Fred Morris wrote:
> > how do I disable the (useless) resolution directed at upstream
> > servers?
>
> Isn't that just "qname-wait-recurse no;"
>
You are correct! I got confused and the doc didn't help. The logic is
tri-state:
*Default* (not present): The lookup is performed, but isn't waited for.
*Yes*: Resolution waits for the lookup to complete.
*No*: Resolution is not performed.
Verified by testing. :-) Thanks for the sanity check.
--
Fred Morris
More information about the DNSfirewalls
mailing list