|
|
|
|
|
|
by sybercecurity
1233 days ago
|
|
|
I've seen some do this "stealth secondary" architecture before and it's helpful for local zones. Sometimes they make the local recursive resolver be a secondary of the local zone, but don't include the recursive resolver in the NS set of the zone. That way the recursive resolver has a full copy of local zones for responses and doesn't have to ask an authoritative server (technically it is one, but only known to hosts that use it as their local recursive resolver). This only works if you don't use public resolvers. |
|
|