allow-query
Andras Salamon
andras at dns.net
Sat Jun 10 00:06:05 UTC 2000
On Fri, Jun 09, 2000 at 10:39:06AM +0800, Omar Cromwell Mercado wrote:
> If i restrict allow-query to IPs within my domain only, will the outside
> Internet fail to resolve me, including the root servers, since they arent
> allowed to query my DNS? The question occurs to me because i think it's not
> proper to let a domain's authoritative DNS server restrict queries (except
> recursive ones), as other servers will query it. Is that correct?
The _announced_ servers need to answer queries from wherever. In this
case, announced means the union of the servers listed in NS records in
both the zone itself and in the parent zone (sometimes these differ).
It's perfectly fine for a hidden (stealth) server to have a custom
configuration.
-- Andras Salamon andras at dns.net
-- http://www.dns.net/dnsrd/ DNS Resources Directory
-- The online DNS reference since 1994
More information about the bind-users
mailing list