by ott2 4752 days ago
This is completely unmotivated. The author seems to conflate running a DNS server that is authoritative-only with running a server that handles recursive queries.

It is a bad idea to run a server handling recursive queries blindly: as the example shows, running an unmonitored recursive server tends to result in the server being used as a reflector for DDoS attacks. It also opens the door for the server's cache to be poisoned by false DNS data. Running a recursive DNS server well is hard.

On the other hand, it is a good idea to run one's own server, authoritative for one's own domains, which refuses recursive queries. This stops others having control over when and how you can transfer your domains, what kinds of records you can add, or how often and when you can update the configuration of your services.

It is worth learning the difference.


I was not running a recursive DNS server, just an instance of tinydns for my own domains. A non-recursive server can still be used for reflection attacks (as I witnessed), it just doesn't do much if any amplification.
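Both comments turn on two observable signals in an authoritative-only server's query log: recursion being requested from outside (ott2's "refuses recursive queries" point) and a burst of identical queries from one source, which is what reflection looks like from the server's side (the reply's point that a non-recursive server can still be reflected, with little amplification). The following detector is an added example written for this thread, not code from either commenter or from tinydns. The log format is constructed, loosely modelled on BIND-style query logging, with a `+`/`-` flag for the RD bit and a `resp=<bytes>` field that is an assumption for the example; `LOCAL_NETS` and `SERVED_ZONES` are likewise assumed values.

```python
"""Flag recursion requests from outside and reflection-style bursts in a
constructed DNS query log for an authoritative-only server (added example)."""
import ipaddress
import re
from collections import Counter, defaultdict

# Assumptions for this example: our own LAN, and the zones we are authoritative for.
LOCAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
SERVED_ZONES = ("example.org",)

# Constructed log lines modelled on a BIND-style query log. "+" after the record
# type means the client set RD (recursion desired), "-" means it did not. The
# "resp=<bytes>" field (size of the reply we sent) is an assumption for the example.
SAMPLE_LOG = [
    "client 192.0.2.10#5353: query: example.org IN A - resp=64",
    "client 192.0.2.10#5353: query: example.org IN MX - resp=96",
    "client 10.0.0.5#40000: query: www.example.net IN A + resp=33",
    "client 203.0.113.9#1234: query: www.example.net IN A + resp=33",
    "client 203.0.113.9#1234: query: example.com IN A + resp=29",
] + ["client 198.51.100.7#53: query: example.org IN ANY - resp=96"] * 20

LINE_RE = re.compile(
    r"client (?P<ip>[\d.]+)#(?P<port>\d+): query: (?P<qname>\S+) IN (?P<qtype>\S+) "
    r"(?P<flags>[+-]) resp=(?P<resp>\d+)$"
)


def parse_line(line):
    """Return a dict for one log line, or None if it does not match the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    d = m.groupdict()
    d["port"] = int(d["port"])
    d["resp"] = int(d["resp"])
    d["rd"] = d["flags"] == "+"
    return d


def in_served_zone(qname):
    q = qname.rstrip(".").lower()
    return any(q == z or q.endswith("." + z) for z in SERVED_ZONES)


def is_local(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in LOCAL_NETS)


def query_wire_size(qname):
    """Approximate size of a plain (no EDNS) query on the wire: 12-byte header,
    QNAME as length-prefixed labels plus root label (len + 2), QTYPE and QCLASS."""
    return 12 + len(qname.rstrip(".")) + 2 + 4


def recursion_from_outside(lines):
    """Queries with RD set, for names we do not serve, from non-local clients.
    An authoritative-only server should answer these REFUSED; a steady stream of
    them means someone is trying to use the server as a resolver."""
    hits = []
    for line in lines:
        q = parse_line(line)
        if q and q["rd"] and not in_served_zone(q["qname"]) and not is_local(q["ip"]):
            hits.append((q["ip"], q["qname"]))
    return hits


def reflection_bursts(lines, threshold=5):
    """Repeated identical queries from one source address: the reflection
    signature (the source is typically spoofed to the victim). Returns, per
    (ip, qname, qtype) seen at least `threshold` times, the count and the
    amplification ratio (bytes we sent / bytes we received)."""
    counts = Counter()
    out_bytes = defaultdict(int)
    in_bytes = defaultdict(int)
    for line in lines:
        q = parse_line(line)
        if not q:
            continue
        key = (q["ip"], q["qname"], q["qtype"])
        counts[key] += 1
        out_bytes[key] += q["resp"]
        in_bytes[key] += query_wire_size(q["qname"])
    return {
        key: {"count": n, "amplification": round(out_bytes[key] / in_bytes[key], 2)}
        for key, n in counts.items()
        if n >= threshold
    }


if __name__ == "__main__":
    for ip, name in recursion_from_outside(SAMPLE_LOG):
        print(f"recursion requested from outside: {ip} asked for {name}")
    for (ip, name, qtype), info in reflection_bursts(SAMPLE_LOG).items():
        print(f"burst: {ip} {name}/{qtype} x{info['count']}, amplification {info['amplification']}x")
```

The amplification ratio is what decides how attractive a reflector the server is: an authoritative server for a small zone answers with its own few records, so the ratio stays low, whereas a recursive server can be made to return whatever large answer the attacker has planted elsewhere. Response rate limiting on the authoritative side is the usual mitigation for the burst case, and refusing recursion (which tinydns does by design) removes the first case altogether.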