Question on DNS "options allow-query"

[Jim Reid]

>>>>> "Steve" == Steve Snyder <swsnyder at home.com> writes:

    Steve> So what is the correct way to allow only queries from the
    Steve> local subnet?  (My goal here is to preclude the acceptance
    Steve> of queries from the Internet but to answer those from local
    Steve> machines.)

Try
      allow-query { localnets };

localnets is a pattern which matches the subnets of all the network
interfaces that are connected to the name server.

See html/acl.html in the doc tarball.