Drop forwarded requests
Barry Margolin
barmar at alum.mit.edu
Sat Dec 1 19:49:09 UTC 2007
In article <fis8t9$trj$1 at sf1.isc.org>, gagadget at free.fr wrote:
> Hi listers,
>
> Is there a way to prevent BIND to answer frowarded requests ?
>
> For local uses, somebody has setup a DNS on our network ( very large network
> ),
> his server is forwarding all requests it can't answer. We asked him several
> times to shut down his server but he won't. For security reasons, we don't do
> forwarding on our servers so we would like to deny his forwarded requests
> without deny all his requests.
Do you mean you want to allow him to query your authoritative data, but
not use you as a caching server? Use "allow-recursion" and
"allow-query-cache" to block him.
--
Barry Margolin
Arlington, MA
More information about the bind-users
mailing list