Restrict query on my DNS
Barry Margolin
barmar at alum.mit.edu
Fri Mar 31 16:23:14 UTC 2006
In article <e0jjb7$2au9$1 at sf1.isc.org>,
Michel Dubois <duboismichel at nerim.net> wrote:
> Hello,
>
> I want to restrict the usage of my DNS servers and allow only access
> from my subnets.
> In my configuration file I've created the following ACL:
>
> acl "closed_dns" {
> xxx.xxx.xxx.0/24;
> yyy.yyy.yyy.0/24;
> };
>
> And in the option section:
>
> allow-query { closed_dns; };
>
> I've checked and from an external subnet I'm not able to query my server
> (using nslookup) ... BUT I've discovered after several hours that some
> of the domains are no longer responding. I've removed the ACL and it was
> working normally as before.
> Could you please help me on this issue?

Are you hosting public domains on this server as well as using it as a
caching server for your users? If so, you need to put

    allow-query { any; };

in the "zone" statements for all the zones that need to be accessible to
the public.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
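
The layout described in the reply above, written out as a named.conf fragment. This is an added example, not configuration from either poster: the address ranges, zone names and file names are placeholders.

```conf
// Constructed example; addresses, zone names and file names are placeholders.
acl "closed_dns" {
    192.0.2.0/24;       // stands in for xxx.xxx.xxx.0/24
    198.51.100.0/24;    // stands in for yyy.yyy.yyy.0/24
};

options {
    // Default for every zone that does not set its own allow-query.
    allow-query { closed_dns; };
};

// Public zone hosted on this server: the per-zone statement overrides
// the options default, so outside resolvers can still get answers.
zone "example.com" {
    type master;
    file "example.com.zone";
    allow-query { any; };
};

// Internal-only zone: no allow-query here, so it inherits closed_dns.
zone "corp.example" {
    type master;
    file "corp.example.zone";
};
```

Run named-checkconf on the edited file before reloading, then query a public zone from an address outside closed_dns to confirm it answers while names outside the hosted zones are still refused.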