DNSReport error for open DNS

Galactic Zero
Forum Regular
Posts: 471
Joined: Mon Dec 06, 2004 10:43 pm


I did a dnsreport.com check of my site and it found that my DNS is open. So to correct that, I added the following lines to my /etc/named.conf:

recursion no;
allow-recursion { 127.0.0.1; xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; };

Each xxx.xxx.xxx.xxx block represents an IP address on my server; the only IPs I didn't put in there were for the main server and the 2 nameservers on this box.

I get errors like this one with the recursion statements in: WARNING: Invalid DNS reply. Falling back to HTTP mode.

I added the IPs for the main box and the nameservers, dnsreport checked out fine, still have the errors, removed those entries and all works fine, so I guess I need to find a way to close the open DNS and still allow the above to work.
Franklyn Halamka
Still learning my way around Linux Security.
http://www.galacticzero.net
breun
Long Time Forum Regular
Posts: 2813
Joined: Sat Aug 20, 2005 9:30 am
Location: The Netherlands


I think your problem is the 'recursion no' in there. I'd just put in an allow-recursion statement.
Lemonbit Internet Dedicated Server Management
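
An added example, not part of either post, showing the change breun suggests as a named.conf fragment: the posted settings are kept as a comment and the restricted-recursion form is live. The ACL name "trusted" and all addresses are placeholders chosen for illustration.

```conf
// Constructed named.conf fragment. The ACL name "trusted" and the
// 192.0.2.x addresses are placeholders, not values from the thread.

// Before (as posted in the question): "recursion no;" switches recursion
// off for every client, so the allow-recursion list next to it has no
// effect and software on this box that resolves through the local named
// can no longer look up outside names.
//
// options {
//     recursion no;
//     allow-recursion { 127.0.0.1; 192.0.2.10; 192.0.2.11; };
// };

// After: recursion stays enabled but only for the server's own addresses.
acl "trusted" {
    127.0.0.1;
    192.0.2.10;     // an IP address on this server (placeholder)
    192.0.2.11;     // an IP address on this server (placeholder)
};

options {
    recursion yes;                   // the default, written out for clarity
    allow-recursion { "trusted"; };  // every other client is denied recursion
    allow-query { any; };            // authoritative zones stay publicly answerable
};
```

Run `named-checkconf` on the edited file before reloading named, then repeat the open-DNS test from a host outside the ACL to confirm it is no longer offered recursion.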