vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-10-26 08:41:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

dns-forwarding: fix typos

Browse Source
This commit is contained in:
Christian Poessinger 2019-12-15 15:58:30 +01:00
parent 1d9198ebec
commit cad71fe9ac
1 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
docs/services/dns-forwarding.rst
View File

@ -11,9 +11,10 @@ VyOS provides DNS infrastructure for small networks. It is designed to be
lightweight and have a small footprint, suitable for resource constrained
routers and firewalls, for this we utilize PowerDNS recursor.
VyOS DNS forwarder doe not require an upstream DNS server. It can serve as a
VyOS DNS forwarder does not require an upstream DNS server. It can serve as a
full recursive DNS server - but it can also forward queries to configurable
upstream DNS servers.
upstream DNS servers. By not configuring any upstream DNS servers you also
avoid to be tracked by the provider of your upstream DNS server.
.. cfgcmd:: set service dns forwarding system
@ -63,7 +64,7 @@ are:
send SERVFAIL when the validation comes up bogus.
* **log-fail** In this mode, the recursor will attempt to validate all data it
retrieves from authoritative servers, regardless of the clients DNSSEC
retrieves from authoritative servers, regardless of the client's DNSSEC
desires, and will log the validation result. This mode can be used to
determine the extra load and amount of possibly bogus answers before turning
on full-blown validation. Responses to client queries are the same as with
@ -71,13 +72,13 @@ are:
* **validate** The highest mode of DNSSEC processing. In this mode, all queries
will be be validated and will be answered with a SERVFAIL in case of bogus
data, regardless of the clients request.
data, regardless of the client's request.
.. note:: the ``dig`` tool sets the AD-bit in the query. This might lead to
unexpected query results when testing. Set +noad on the dig commandline when
this is the case.
.. note:: The famous UNIX/Linux ``dig`` tool sets the AD-bit in the query. This
might lead to unexpected query results when testing. Set ``+noad`` on the
``dig`` commandline when this is the case.
.. note:: the CD-bit is honored correctly for process and validate. For
.. note:: The ``CD``-bit is honored correctly for process and validate. For
log-fail, failures will be logged too.
.. cfgcmd:: set service dns forwarding ignore-hosts-file