[atlas] [UDM] Cannot select "recursion desired" for DNS
Philip Homburg philip.homburg at ripe.net
Tue Jan 8 15:22:43 CET 2013
On 1/8/13 14:08 , Peter Koch wrote: > On Tue, Jan 08, 2013 at 10:11:25AM +0100, Antony Antony wrote: > >> However, by default RD is enabled when querying probe's local resolver. > attention, significant paranoia ahead, independent of RD: > > Are there any restrictions on QNAMEs that can be sent to the local resolver > or could a UDM be used to do reconnaissance against the "surrounding" > namespace (or address space wit the reverse tree)? There are no restrictions on what can be queried. > What do the probes do if DHCP does not provide for local resolvers? > > Probes can connect to the registration server without getting a resolver from DHCP. Beyond that, probes need a resolver. But you can, for example, configure a public DNS resolver statically (though there is no reason not to do that through DHCP).