allow-recursion doesn't work
Hello! There are problems with allowed recursion.
I set up the ACL. But with these settings, recursive queries work from a source IP that is not on this list.
Example request from IP 5.166.152.XX on Windows:
C:\Users\mcflyspb>nslookup gitlab.isc.org ns2.MYDOMAIN.ru
Сервер: ns2.MYDOMAIN.ru
Address: 176.XXX.YYY.ZZZ
Untrusted answer:
http://gitlab.isc.org
Addresses: 2600:1f18:634c:d100:acdc:70e4:ede4:ef40
52.201.58.154
The server should not have sent the IP in response: 52.201.58.154
5.166.152.XX is not included in the trusted ACL.
named.conf.options
acl "trusted" {
    127.0.0.1/32;
    176.ХХ.ХХ.0/22;
};
options {
    directory "/var/cache/bind";
    recursion yes; # enables recursive queries
    allow-recursion { trusted; }; # allows recursive requests from "trusted" clients
    allow-query-cache { trusted; };
    listen-on { any; }; # Private IP address ns1 - listen only on private network
    allow-transfer { none; }; # disable zone transfer by default
    dnssec-validation auto;
    listen-on-v6 { ::1; };
};
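
A way to check, from a host outside the "trusted" ACL, whether the server really refuses recursion. This is an example added here and is not part of the original post: it sends the same kind of query as the nslookup call above and judges the reply by its DNS header. The function names and the two sample headers are constructed for illustration.

```python
import socket
import struct
import sys

def build_query(name, txid=0x1234):
    """A/IN query for `name` with RD (recursion desired) set, as nslookup sends."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def classify(response):
    """Judge a raw DNS response by its 12-byte header alone."""
    if len(response) < 12:
        raise ValueError("truncated DNS message")
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: not a response")
    rcode, aa, ra = flags & 0x000F, bool(flags & 0x0400), bool(flags & 0x0080)
    if rcode == 5:
        verdict = "refused"        # what a client outside the ACL should get
    elif rcode == 0 and ancount and not aa:
        verdict = "answered"       # non-authoritative data: recursion or cache
    else:
        verdict = "inconclusive"   # referral, SERVFAIL, authoritative zone, ...
    return {"verdict": verdict, "rcode": rcode, "aa": aa, "ra": ra, "answers": ancount}

def probe(server, name, timeout=3.0):
    """Send one query over UDP to `server` and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        data, _ = s.recvfrom(4096)
    return classify(data)

# Constructed sample headers (not captured traffic):
SAMPLE_OPEN = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)     # QR RD RA, 2 answers
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0)  # QR RD, rcode 5

if __name__ == "__main__":
    if len(sys.argv) == 3:         # usage: script.py <server-ip> <external-name>
        print(probe(sys.argv[1], sys.argv[2]))
    else:
        print(classify(SAMPLE_OPEN), classify(SAMPLE_REFUSED))
```

Query a name the server is not authoritative for; a verdict of "answered" from an address outside the ACL matches the behaviour reported above.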