Answering only for "own" zones
Len Conrad
LConrad at Go2France.com
Wed Jun 20 08:42:25 UTC 2001
hey :))
Learn the lingo.
What you want is to limit recursion from Internet, while allowing recursion
from your ip´s.
If you allow queries from Internet, then BIND will answer authoritatively
for the domains it´s delegated with (assuming you haven´t scrogged your
zone syntax), and answer with "referrals" for all other queries from internet.
>Is it possible to setup bind to only answer for the "own"
>zones i created ?
yes, of course. define this BIND behaviour with options allow-recursion or
no-recursion.
>I mean a setup like on ns1.granitecanyon.com, where you get
>only the root servers back
"getting the root servers back" is called "receiving a referral" :))
>Is it also possible to setup bind in a way, that for the
>local net, bind acts like a
>"standard" dns server (with the right answers)
a "standard" DNS that answers for queries it´s not auth for is called a
recursive nameserver.
acl "my_net" {x.x.x.x/bits;};
options { allow-recursion { my_net; }; };
>and for the rest of the internet as described
>above ?
Then the "rest of the internet" will get referrals, not answers.
Len
http://MenAndMice.com/DNS-training
http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K
http://IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways
More information about the bind-users
mailing list