[bind9] allow transfer, nameserver-only?
Danny Mayer
mayer at gis.net
Mon Jan 30 14:51:35 UTC 2006
Helmut Schneider wrote:
> Barry Margolin (barmar at alum.mit.edu) wrote:
>> In article <drddrq$2l1p$1 at sf1.isc.org>,
>> "Helmut Schneider" <jumper99 at gmx.de> wrote:
>>
>>> is it possible to define that a zone transfer is only allowed for NS
>>> records of the according zone file?
>> I don't think BIND has such an option. Some other DNS implementations
>> use the NS records as their default "allow-transfer" access list.
>
> Yes, Windows DNS does and I hoped that bind has such an option, too.
>
> Thanks, Helmut
>
You can restrict transfer of any zone to any list of addresses with the
allow-transfer option. It's up to you to specify what you want in there.
Are you asking that zone transfers are only allowed from addresses
listed in the NS records for the zone? Then see above.
Danny
More information about the bind-users
mailing list