[bind9] allow transfer, nameserver-only?
Mark Andrews
Mark_Andrews at isc.org
Mon Jan 30 21:22:59 UTC 2006
> Helmut Schneider wrote:
> > Barry Margolin (barmar at alum.mit.edu) wrote:
> >> In article <drddrq$2l1p$1 at sf1.isc.org>,
> >> "Helmut Schneider" <jumper99 at gmx.de> wrote:
> >>
> >>> is it possible to define that a zone transfer is only allowed for NS
> >>> records of the according zone file?
> >> I don't think BIND has such an option. Some other DNS implementations
> >> use the NS records as their default "allow-transfer" access list.
> >
> > Yes, Windows DNS does and I hoped that bind has such an option, too.
> >
> > Thanks, Helmut
> >
> You can restrict transfer of any zone to any list of addresses with the
> allow-transfer option. It's up to you to specify what you want in there.
> Are you asking that zone transfers are only allowed from addresses
> listed in the NS records for the zone? Then see above.
>
> Danny
No. What the OP is expecting is that the nameserver lookup
all the addresses associated with the NS records then if there
is a matching addresss allow the transfer to succeed.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list