Server Admin 10.4 Help

Enabling or Disabling Recursion

Recursion is a process that fully resolves domain names into IP addresses. Users' applications depend on the DNS server to perform this function. Other DNS servers that query yours don't have to perform the recursion.

To prevent malicious users from altering the primary zone's records ("cache poisoning"), or to prevent unauthorized use of the server for DNS service, you can disable recursion. However, if you stop it, your own users won't be able to use your DNS service to look up any names outside of your zones.

You should disable recursion only if no clients are using this DNS server for name resolution and no servers are using it for forwarding.

In Server Admin, choose DNS in the Computer & Services list.
Click Settings.
Select the General tab.
Select or deselect Recursion as needed.
Selecting Recursion allows it. Deselecting Recursion disallows it.

If you choose to enable recursion, consider disabling it for external IP addresses, but enabling it for LAN IP addresses, by editing BIND's named.conf file. See BIND's documentation for more information.

Keywords: khelp ksa

iPod AND reset	Search results must contain both "iPod" and "reset"
MacBook OR Leopard	Search results may contain either "MacBook" or "Leopard"
iPhone NOT Windows	Search results must contain "iPhone" and must not contain "Windows"
"backing up to external disk"	Search results must contain the phrase "backing up to external disk"

Browse Support

Languages

Server Admin 10.4 Help

Enabling or Disabling Recursion