bind zone in BIND 9
Don Stokes
don at daedalus.co.nz
Sat Nov 16 01:07:44 UTC 2002
Hi Folks,
In BIND 8 I was able to restrict access to the BIND zone quite easily,
simply by refusing queries in all zones, and enabling for the zones I
wanted served, e.g.
options {
...
recursion no;
allow-query { none; };
}
zone "foo" {
...
allow-query { any; };
}
This a query for "x.bar." would be refused, as would a query for
"version.bind.". "x.foo." of course works fine, which is what I want.
With BIND 9 (9.2.1), the above configuration doesn't work. "x.foo."
works fine, "x.bar." is refused, but "version.bind." is allowed.
(a) Why?!?!?
(b) How can I stop it, short of defining a completely separate
"bind" zone and then denying access to it? This seems messy to me.
-- don
More information about the bind-users
mailing list