wm: doc

--- a/ndb.ms

+++ b/ndb.ms

@@ -16,8 +16,12 @@

 Note: when you lookup a name using whatever nameserver is defined in /lib/ndb/local, if it's not found, ndb will recursively search the root nameservers to find the entry

 Most resolvers will normally give up, but ndb is really persistent.

+.PP

 To run a caching DNS server, modify /cfg/$sysname/termrc or /cfg/$sysname/cpurc (whichever is appropriate) to include the following:

+.P1

 ndb/dns -rs

+.P2

+.PP

 Be aware that you must include -L to prevent users outside the local network from being able to turn your caching server into an open relay for denial of service amplification attacks. -L provides a crude form of access control. Otherwise, you must firewall off access to prevent becoming an attack vector.