filtering results to subnets
Chris Buxton
cbuxton at menandmice.com
Sat Jul 19 04:04:12 UTC 2008
On Jul 18, 2008, at 7:27 PM, Jerome Haltom wrote:
> I have a desire to filter A records returned to clients that are outside
> of certain subnets. Basically my zone has a lot of private addresses in
> it. I'm cool with this.
>
> I'd like those private addresses to only be sent to other private
> addresses. Any non private address should not receive them.
There's no way to do this with BIND. However, certain Cisco products
can do this kind of thing - modifying your BIND name server's outgoing
DNS response on the fly. The Cisco solution only affects UDP queries,
and therefore does not affect zone transfers (nor queries over TCP,
but these are very rare).
Chris
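
As an added illustration (not part of the original post, and not Cisco's or BIND's code), the Python sketch below shows the kind of on-the-fly response rewrite discussed above: it drops RFC 1918 A records from the answer section of a UDP DNS payload when the client address is not itself RFC 1918. All function names and the sample packet are constructed for this example, and it assumes every compression pointer targets the question section, so removing answers does not invalidate later names.

```python
import ipaddress
import struct

# Assumption: "private" in the thread means the RFC 1918 ranges.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    """addr may be a dotted string or 4 packed bytes (as found in A rdata)."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:   # compression pointer: 2 bytes, ends the name
            return off + 2
        if length == 0:             # root label ends the name
            return off + 1
        off += 1 + length

def filter_response(msg, client_ip):
    """Remove RFC 1918 A records from the answer section for non-private clients."""
    if is_rfc1918(client_ip):
        return msg                  # private clients see the response unchanged
    qdcount, ancount = struct.unpack("!HH", msg[4:8])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4            # skip QTYPE and QCLASS
    out = bytearray(msg[:off])
    kept = 0
    for _ in range(ancount):
        start = off
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata = msg[off + 10:off + 10 + rdlen]
        off += 10 + rdlen
        if rtype == 1 and rclass == 1 and rdlen == 4 and is_rfc1918(rdata):
            continue                             # drop private A record
        out += msg[start:off]
        kept += 1
    out += msg[off:]                             # authority/additional copied as-is
    struct.pack_into("!H", out, 6, kept)         # rewrite ANCOUNT in the header
    return bytes(out)

def build_sample():
    """Constructed response: host.example A -> 10.0.0.5 and 198.51.100.7."""
    q = b"\x04host\x07example\x00" + struct.pack("!HH", 1, 1)
    rr = lambda ip: b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + ipaddress.ip_address(ip).packed
    return struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0) + q + rr("10.0.0.5") + rr("198.51.100.7")
```

The input here is a bare UDP payload; a response carried over TCP or a zone transfer has a different framing and is not handled, which matches the UDP-only scope mentioned in the reply.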