Unapproved AXFR?
Dave Wreski
dave at nic.com
Tue Dec 14 18:58:22 UTC 1999
> Anything else, like split DNS, requires more work to set up and has ongoing
> maintenance effort. You need to have a good reason to do this, to justify
> the work. But they don't feel the need for strong justification to add an
> "allow-transfer" line to the named.conf, and I hardly blame them. Unless
> they're deluding themselves into thinking that this is real data
> protection, I see no problem with it.
I had a question about split DNS, actually. Is there really much
difference between configuring split DNS and creating zones that are not
resolvable from unauthorized domains? Now that bind8 has allow-query, it
seems less of an advantage...
Thanks,
Dave
More information about the bind-users
mailing list