Restricted bind to my domain only
Grant Taylor
gtaylor at tnetconsulting.net
Tue Jan 17 03:22:33 UTC 2017
On 01/16/2017 08:17 AM, Luis Felipe Dominguez Vega wrote:
> Hello, i was searching into google to find my problem, but i think that is
> better write to the list. I am using Bind with Samba 4 (with BIND_DLZ) serving
> the domain mtz.example.com, but i need resolv throw another server the querys
> to domain example.com and anothers subdomains (like grm.example.com,
> vcl.example.com), but i dont want resolve any other (to prevent DNS Tunnel).
> So i need enable the recursion and permit to my network that recursion, the
> problem is that always resolve the google.com, facebook.com, etc... and i want
> only resolve the names into Samba (BIND_DLZ) and all others be forwarded by my
> another server, files.
I don't know if it will work for you or not, but I'd try the following:
Make your server slave the example.com, grm.example.com, vlc.example.com
zones off of their respective servers. That way your server can
authoritatively answer all the zones and not need to do any recursion.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3717 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20170116/1fc4922c/attachment.bin>
More information about the bind-users
mailing list