Resticting info in zone transfers
Kelly Scroggins
kelly at cliffhanger.com
Thu Jul 6 18:10:21 UTC 2000
I have searched the archives but I haven't found a suitable answer to my
question. Hopefully some one on this list can tell if my goal is
possible or not.
I want to make my name server authoritative for my zone, but use my ISPs
name server as the Internet presence for our domain. My ISP told me
they would config their server to be a slave to mine.
I know I can restrict what servers can transfer zone info with my
servers, but I don't want my ISPs server to have all of my RRs for the
world to see.
Is it possible to allow the zone transfers and restrict what RRs are
transferred?
Also, I have my name servers running in (test mode) on my production
network right now. Zone transfers are working between them just fine.
My ISPs name servers are still authoritative for my domain.
But I can ping and telnet to devices on my internal netwrok(s), surf the
web and all that stuff through my internal name servers. But I CAN NOT
reach our domains web site, which is on a server OUTSIDE of our network
(somewhere).
It's probably really simple but I don't understand why I can surf/ping
all other domains in the world but not my own. Can someone shed some
light on this for me too?
Many thanks,
kelly
More information about the bind-users
mailing list