[bind9] allow transfer, nameserver-only?
Danny Mayer
mayer at gis.net
Tue Jan 31 00:57:27 UTC 2006
Mark Andrews wrote:
>> Helmut Schneider wrote:
>>> Barry Margolin (barmar at alum.mit.edu) wrote:
>>>> In article <drddrq$2l1p$1 at sf1.isc.org>,
>>>> "Helmut Schneider" <jumper99 at gmx.de> wrote:
>>>>
>>>>> is it possible to define that a zone transfer is only allowed for NS
>>>>> records of the according zone file?
>>>> I don't think BIND has such an option. Some other DNS implementations
>>>> use the NS records as their default "allow-transfer" access list.
>>> Yes, Windows DNS does and I hoped that bind has such an option, too.
>>>
>>> Thanks, Helmut
>>>
>> You can restrict transfer of any zone to any list of addresses with the
>> allow-transfer option. It's up to you to specify what you want in there.
>> Are you asking that zone transfers are only allowed from addresses
>> listed in the NS records for the zone? Then see above.
>>
>> Danny
>
> No. What the OP is expecting is that the nameserver lookup
> all the addresses associated with the NS records then if there
> is a matching addresss allow the transfer to succeed.
>
I think that's what I said.
Danny
> Mark
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
>
More information about the bind-users
mailing list