forward zone
Matus UHLAR - fantomas
uhlar at fantomas.sk
Fri Oct 26 07:21:58 UTC 2018
On 26.10.18 00:12, Frédéric Lochon wrote:
>I'm new to this list, but I use BIND for quite some time.
>
>I have a machine running BIND which is authoritative for some domains
>I own and is the nameserver for my home network.
>
>Thus:
>- BIND answers to any query from my home network
>- BIND answers to queries from the whole planet Earth for the domains I own
>
>This is because:
>- in "options", I have (among others) allow-query { trusted; };
>- in each domain zone I have allow-query { any; };
>
>
>Today, I just set-up a new zone of type "forward" but I have trouble
>to make it work properly:
>- my home network is allowed to send queries because it is "trusted"
>- nobody from outside my home network is allowed to send queries
>because it is not "trusted"
>
>As you can't have "allow-query" in a zone of type "forward", I don't
>find any nice solution.
You can and you also need to add allow-query for it. However, since forward
zone is not stored locally, all requests for it are fowarded, so you must
allow recursion for the zone, if you want to allow everyone to use it.
Now I have a question, why do you want people from outside to access forward
zone? can't you slave it instead?
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Boost your system's speed by 500% - DEL C:\WINDOWS\*.*
More information about the bind-users
mailing list