delegation-only" feature for pdnsd
Versions 1.1.8b1-par8 and later have a new feature that emulates the
"delegation-only" feature of BIND.
This was originally implemented
as a tool for undoing the unwanted effects of DNS wildcards, in particular the resolution
of non-existing names to VeriSign's Site Finder service. At the moment there is probably not
much use for it, but the feature is still there, just in case.
See my main pdnsd webpage
for details how to download the latest version of pdnsd.
The new feature is disabled by default (and unless you have a good reason for using it, it is best left disabled). In the typical case it can be configured by adding the following line to the global section of the configuration file:
delegation_only="com","net";dig utility that comes with
the bind package installed on most systems. This is an example of
dig output:
[paul@memamdo paul]$ dig @213.51.129.169 cdl.earthcache.net ; <<>> DiG 9.2.1 <<>> @213.51.129.169 cdl.earthcache.net ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32752 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;cdl.earthcache.net. IN A ;; ANSWER SECTION: cdl.earthcache.net. 0 IN A 213.52.146.113 ;; Query time: 69 msec ;; SERVER: 213.51.129.169#53(213.51.129.169) ;; WHEN: Tue Sep 23 23:40:39 2003 ;; MSG SIZE rcvd: 52
If you find AUTHORITY: 0, you will have to find another name
server that provides good authority information and add its address to the list
of servers in the configuration file. It is not necessary to list this server first.
If you have questions about this new feature, you can email me at the address listed at the end of REAME.par.