resolve remove domain only for localhost
Ladislav Vobr
lvobr at ies.etisalat.ae
Sun Jun 13 03:18:21 UTC 2004
Jonas Meurer wrote:
> hello,
> I have bind9 on my server, and it manages 2 domains without problems
> (master dns for these two). Anyway, I kept the root zone entry in
> named.conf, and later replaced it by a forwarders option, because i'dd
> like to use the nameserver as normal ns for the system too, so it should
> resolve all domains existant.
>
> the problem is, that some wicky guys seem to use my dns-server
> regularely what creates big amount of traffic (2.5GB last month).
>
> how can i restrict 'lookup of remote domain' to localhost, and resolve
> only the 2 local domains to remote requests?
do you mean, how can I restrict recursion? Use 'allow-recursion' in the
options part. This will allow only the hosts specified to lookup
external domains, (if not already in cache)
>
> other way round: I like restrict usage of the forwarders-option, or of
> the root zone to localhost.
>
> The problem is: both configuration options don't allow allow-query
> argument, so I have no glue about how to restrict access for these.
>
you can use 'allow-query' per zone, and disallow it in the main options
part,
Ladislav
> bye
> jonas
>
> ps: as i'm not subscribed, please cc to my private mail
>
> -- Attached file included as plaintext by Ecartis --
> -- File: signature.asc
> -- Desc: Digital signature
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
>
> iD8DBQFAy0eJd6lUs+JfIQIRAhACAJ9IY7ahSXsYno24lrw4gSxCckp06ACeLK9g
> pFuzkVHOo+OvG41Bgsxenwg=
> =0zzK
> -----END PGP SIGNATURE-----
>
>
>
More information about the bind-users
mailing list