→Network, firewall, and SELinux
* Do not allow DNS queries from any machines in your network to any root name servers in the lab except your caching-only DNS server.
* SELinux must be turned on and run in enforcing mode on all of your VMs. You need to configure the runtime SELinux boolean accordingly.
You must turn on firewall on all machines and have the filter table rule drops or rejects any unwanted packets.
== Test and evaluation ==