DNS zone transfers
Kevin Darcy
kcd at daimlerchrysler.com
Sat Feb 10 01:12:36 UTC 2001
Jim Reid wrote:
> >>>>> "Tim" == Tim Molloy <bind at timmy.ws> writes:
>
> Tim> allow-transfer { none; }, or allow tranfer only to your name
> Tim> servers.
>
> Tim> I'm not sure of the syntax in BIND 4.x, but that's how you do
> Tim> it in BIND 8.x/9.x hope that helps
>
> It doesn't. The syntax of BIND4's config file is completely different
> from that in BIND8 and BIND9. The file even has a different name! And
> there is no allow-transfer clause in BIND4.
>
> IIRC there was something called xfernets, but this entailed using
> special compile-time options and then putting weird xfernets TXT
> records in the zone files. I could well be wrong about this as it's
> been a while since I looked at software that's been as long dead as
> BIND4.
I think you're confusing "xfernets" (the precursor of
allow-transfer) with "secure_zone" (the precursor, more-or-less, of
allow-query). xfernets just lived in named.boot and used a netmask-like
syntax. secure_zone was the one that required the funky TXT records...
This message brought to you by the BIND Archaeological Society. :-)
> The original poster should upgrade to BIND9 or at least 8.2.3.
Agreed.
- Kevin
More information about the bind-users
mailing list