ZONE TRANSFER RESTRICTION
Cricket Liu
cricket at acmebw.com
Sun Nov 7 03:40:14 UTC 1999
> With current BIND setting, one can config the name servers under one's
> administration to restrict zone transfer update to designated secondary
> servers. Are there ways to ensure that those secondaries (most likely
> under different LAN admin policies) also would oblige with the same
> restriction?
Nope, aside from asking your slaves' administrators to similarly restrict
zone transfers.
> If not, and short of running both primary and secondaries
> on the same LAN, one could easily try for zone transfer from the
> secondaries eventhough restricted from the primary, would it not?
Yup. Just as easy to get a zone transfer from a slave.
cricket
Acme Byte & Wire
cricket at acmebw.com
www.acmebw.com
Attend the next Internet Software Consortium/Acme Byte & Wire
DNS and BIND class! See www.acmebw.com/training.htm for
the schedule and to register for upcoming classes.
More information about the bind-users
mailing list