Questions about options
Barry Margolin
barmar at alum.mit.edu
Sat Feb 20 16:42:44 UTC 2010
In article <mailman.487.1266666064.21153.bind-users at lists.isc.org>,
gmspro <gmspro at yahoo.com> wrote:
> options {
> directory "/etc/bind";
> allow-query { localhost; };
> allow-recursion { 127.0.0.1; };
> listen-on { <IP of Server>; };
> allow-transfer { none; };
> auth-nxdomain yes;
>
> };
>
> why are allow-query ,allow-recursion, listen-on, allow-transfer
> ,auth-nxdomain used?
>
> Thank you.
>
>
>
allow-query and allow-recursion are used to prevent remote clients from
using this server. In this case, allow-recursion is redundant; if you
don't allow remote clients to query, you don't have to worry about
whether you'll recurse for them.
listen-on is used when a server has multiple IPs, and you want to
restrict which ones it will answer queries on.
allow-transfer is used to restrict who can perform zone transfers of
zones that the server hosts.
auth-nxdomain controls whether answers that say that a name doesn't
exist will be marked authoritative. There was some old client software
that didn't like NXDOMAIN responses that are non-authoritative, even
though they're coming from a caching server.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list