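Thursday, March 19, 2009

DNS configuration tips

My new company is running an experiment that needs DNS, so I dug out an old post of mine and tidied it up as a reminder.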

/etc/named.conf
options {
    directory "/var/named";
    recursion no;    // do not answer queries recursively
};
The name server then handles queries in no-recursion mode.

2 limiting concurrent recursive clients
options {
    directory "/var/named";
    recursive-clients 500;
};

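A supplementary note: recursion (recursive mode) is mainly how a client queries a (DNS) server.
Iterative mode is how one DNS server queries another DNS server.
Why disable recursion? Mainly because we do not want this DNS server to be used by clients. This applies especially to a company's externally facing DNS: for stability it is opened only to other DNS servers, which reduces its load.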
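To confirm that `recursion no` has taken effect, send a query with the Recursion Desired (RD) bit set and check that the reply comes back with the Recursion Available (RA) bit cleared. The Python below is an added example, not part of the original post; the function names and the sample response bytes are constructed for illustration.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234, rd=True):
    """Build a DNS A-record query; rd=True sets the Recursion Desired bit."""
    flags = 0x0100 if rd else 0x0000
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(resp):
    """Decode the header fields that show whether recursion is offered."""
    if len(resp) < 12:
        raise ValueError("truncated DNS message")
    qid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    return {
        "id": qid,
        "qr": bool(flags & 0x8000),   # 1 = this is a response
        "rd": bool(flags & 0x0100),   # copied from the query
        "ra": bool(flags & 0x0080),   # server offers recursion
        "rcode": RCODES.get(flags & 0x000F, str(flags & 0x000F)),
        "answers": an,
    }

def offers_recursion(resp):
    """True if the response advertises recursion (RA bit set)."""
    hdr = parse_header(resp)
    if not hdr["qr"]:
        raise ValueError("not a DNS response")
    return hdr["ra"]

def probe(server, name, timeout=3.0):
    """Send one RD=1 query over UDP to a name server you administer."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        resp, _ = s.recvfrom(512)
    return parse_header(resp)

# Constructed samples (header + question only, answer record omitted).
QUESTION = build_query("example.com")[12:]
OPEN = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + QUESTION    # RA=1
CLOSED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0) + QUESTION  # RA=0
```

Run `probe()` with a name outside the server's own zones: a server with recursion disabled should report `ra` as False and must not return an answer it had to fetch from elsewhere.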





This limits the number of querying clients.
The default limit is 1,000 recursive clients.

Reference: O'Reilly, DNS & BIND Cookbook
Discussion:
With recursive-clients you can limit the number of recursive queries a name server will handle concurrently. A name server receives recursive queries both from resolvers and from the name servers that use it as a forwarder. Since each recursive query consumes about 20 KB of memory, the total amount of memory needed to service 1,000 queries -- the default limit -- is about 20 MB. If a name server doesn't have that much real memory available, you may need to set its limit lower.

3 Allowing queries for arbitrary domain names only from local networks
options {
    directory "/var/named";
    allow-query { localnets; };    // only directly attached networks may query
};
