transfers from slave server
Bill Friedman
linguafr at sbcglobal.net
Wed Aug 13 23:42:43 UTC 2003
right. incidentally our nameservers aren't really published as they are
"hidden" nameservers, i.e. our isp is actually the SOA for our domains
and it looks to our dns server(s) for updates.
so on the slave I'd just want to add the allow-transfer option as follows.
options {
directory "/var/named";
allow-transfer {
ns1.ourisp.net
ns2.ourisp.net
....
};
};
....and that's all there is to it? On the master, which I didn't set
up, they list the allow-transfer option for each domain even though
they're the same for all domains. So I learned something new here. Thanks
Kevin Darcy wrote:
>Bill Friedman wrote:
>
>
>
>>I've set up a slave to serve as backup if master goes down. What
>>controls transfers from slave server when master goes down? Do I need
>>to add allow-transfer to named.conf for each domain? BIND book just
>>says to copy named.conf, change type to slave and include masters { .....
>>
>>
>
>It's really up to you. How free do you want to be with your zone
>transfers? Note however that it makes no sense from a security standpoint to
>restrict zone transfers on some of the published nameservers for a zone and
>not others.
>
>Even if you decide to restrict zone transfers, there should be no reason to
>define allow-transfer for each domain if the restriction is the same for all
>of them: you can just restrict zone-transfers globally by putting the
>allow-transfer in your "options" clause.
>
>
>- Kevin
>
>
>
>
>
--
Thank You
Bill Friedman
lingua franca networking
lfnetworking.com
510-508-5539
More information about the bind-users
mailing list