BIND configuration question
Dani Al-Hasan
dhasan at tagi.com
Wed Apr 27 13:11:16 UTC 2005
Hello,
I don't' know if I understood your setup,
I can suggest the following for the all zones (I mean within the option
statement) :
1- Define ACL for your different C classes.
2-All query only to the desired class using "allow-query"
3-All recursion only to the desired class using "allow-recursion"
Now for echo zone that you want to all query from outside put "allow-query {
any; };"
Regards,
Dani
_____
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On Behalf
Of Ronald I. Nutter
Sent: Wednesday, 27 April, 2005 3:16 PM
To: <comp-protocols-dns-bind at isc.org>
Subject: BIND configuration question
Importance: Low
I have posted a couple of messages over the last few days. Guess I am
not asking the question the right way. I am trying to restrict our
external DNS server running BIND to only allow lookups to domains we are
handling when those requests come from outside our network. I want our
internal users (which will be coming from one of 5 class C ip ranges we
are assigned) to be able to to recursive lookups, etc without any
problems. I tried using the Secure Bind Template I found but the
problem I ran into was that the server quits responding to any DNS
requests when that is used. Another message I talked about referenced
Split DNS but I don't think that is the right term to use for what I am
trying to do.
Suggestions ?
Ron
--------------------------------------------------------------------
Ron Nutter ron_nutter at georgetowncollege.edu
<mailto:> =20
Network Infrastructure & Security Manager
Information Technology Services (502)863-7002
Georgetown College =20
Georgetown, KY 40324-1696
--------------------------------------------------------------------
=20
More information about the bind-users
mailing list