[deployment-guide/comm-rel: 335/727] Modified the Nameserver Types subsection.

Jaromir Hradilek jhradile at fedoraproject.org
Tue Oct 19 12:52:49 UTC 2010


commit 7666ecb7d24835ab0ae87295a69a075ec01b2c40
Author: Jaromir Hradilek <jhradile at redhat.com>
Date:   Wed Aug 11 14:06:04 2010 +0200

    Modified the Nameserver Types subsection.

 en-US/The_BIND_DNS_Server.xml |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)
---
diff --git a/en-US/The_BIND_DNS_Server.xml b/en-US/The_BIND_DNS_Server.xml
index 6e43b9f..c929a0f 100644
--- a/en-US/The_BIND_DNS_Server.xml
+++ b/en-US/The_BIND_DNS_Server.xml
@@ -122,7 +122,7 @@
           <term>authoritative</term>
           <listitem>
             <para>
-              This category includes both primary (master) and secondary (slave) servers. Those servers answer only for RRs which are part of their zones.
+              Authoritative nameservers answer to resource records that are part of their zones only. This category includes both primary (master) and secondary (slave) nameservers.
             </para>
           </listitem>
         </varlistentry>
@@ -130,13 +130,13 @@
           <term>recursive</term>
           <listitem>
             <para>
-              Offers resolution services, but is not authoritative for any zones. Answers for all resolutions are cached in memory for a fixed period of time, which is specified by the retrieved RR.
+              Recursive nameservers offer resolution services, but they are not authoritative for any zone. Answers for all resolutions are cached in a memory for a fixed period of time, which is specified by the retrieved resource record.
             </para>
           </listitem>
         </varlistentry>
       </variablelist>
       <para>
-        A nameserver may be one or both of these types. For example, a nameserver can be a master for some zones, a slave for others, and offer recursive services for others. However the best practice is not to combine authoritative and recursive servers due their absolutely different requirements. Authoritative servers are available for all clients and they should be available all the time otherwise it is not possible to resolve particular subtree of the DNS database. Recursive lookups take far more time than authoritative responses thus recursive servers should be available for a restricted number of clients. Otherwise recursive server could be easy target for <firstterm>distributed denial of service (DDoS)</firstterm> attack.
+        Although a nameserver can be both authoritative and recursive at the same time, it is recommended not to combine the configuration types. To be able to perform their work, authoritative servers should be available to all clients all the time. On the other hand, since the recursive lookup takes far more time than authoritative responses, recursive servers should be available to a restricted number of clients only, otherwise they are prone to distributed denial of service (DDoS) attacks.
       </para>
     </section>
     <section id="s2-bind-introduction-bind">


More information about the docs-commits mailing list