Bind, caching and authoritative domains
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Fri Oct 31 22:06:59 UTC 2003
> In article <bnu7vg$2aka$1 at sf1.isc.org>,
> Nigel Jewell <nigel.jewell at pixexcel.co.uk> wrote:
> >I have a bind DNS server setup that is authoritative for a number of
> >domains aswell as functioning as a caching name server.
>
> It's highly recommended that you use separate servers for the two
> functions. But if that's not feasible...
>
> >I want to be able to configure the server so that is will serve any
> >DNS lookup (for those domains that it is authoritative for and those
> >that it isn't) for a specific range of IP addresses, but for every
> >other IP address only allow lookups for those IPs for which the host
> >is authoritative. I hope that makes sense.
>
> acl "caching-clients" {
> ...
> };
>
> options {
> allow-query { caching-clients; };
> ...
> };
>
> zone "auth-domain1.com" {
> allow-query { all; };
"any;" is the built in acl, not "all;".
> ...
> };
> zone "auth-domain2.com" {
> allow-query { all; };
> ...
> };
> and so on.
>
> --
> Barry Margolin, barry.margolin at level3.com
> Level(3), Woburn, MA
> *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
> Please DON'T copy followups to me -- I'll assume it wasn't posted to the grou
> p.
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list