bind request configuration
Kevin Darcy
kcd at chrysler.com
Thu Aug 28 20:42:07 UTC 2008
Sener ATAS wrote:
> Hi all,
>
> I use bind-9.5.0-P1 version on FreeBSD.
>
> This server is open to my networks outside. But I want to give
> permission only dns servers request. I don't want'to reply basic client
> request. Are there a configuration method for this.
>
If all you're doing is hosting zones to the Internet, you should turn
off recursion.Without recursion, ordinary clients won't be able to use
you to resolve DNS names outside of zones you host. So you'd be useless
as their default resolver.
If you want to go one step further, you could define a "recursion-only"
view with a wildcarded zone that redirects everything to a horrible site
(e.g. goatse or something similar). That should take care of the
would-be DNS-resolution moochers. :-) (DISCLAIMER: I accept no
responsibility for the consequences of someone implementing this
suggestion).
If you're not hosting zones to the Internet, I'm not sure why you'd want
"DNS servers" to talk to you.
- Kevin
More information about the bind-users
mailing list