[Bind-users] FW: newbie simple question

Remko Lodder remko at elvandar.org
Thu Jan 22 20:17:18 UTC 2004

in addition without views you can tell bind 8

options {
        recursion yes;
        allow-recursion { acl-list; };

zone "foo.bar" {
            file "etc.";

responds auth. for foo.bar and recurses for internal (or falling in the acl
list) sources.



Kind regards,

Remko Lodder
www.mostly-harmless.nl Dutch community for helping newcomers on the

-----Oorspronkelijk bericht-----
Van: bind-users-bounces at lists.elvandar.org
[mailto:bind-users-bounces at lists.elvandar.org]Namens HuMPie
Verzonden: donderdag 22 januari 2004 21:09
Aan: comp-protocols-dns-bind at isc.org
Onderwerp: [Bind-users] FW: newbie simple question

Yes that is posible with using views see also The BIND 9 Administration
Reference Manual Chapter: 6.2.19




acl intern {
        { <internal ip range>; };

options {
        directory "/var/named";

        listen-on {; <external ip>; };

        notify no;

        version "";

        recursion yes;
        allow-recursion { intern; localhost; };

        statistics-file "/var/adm/named-stats";

        pid-file "/var/run/named/named.pid";

view "chaos" chaos {
    match-clients { any; };
    allow-query { none; };

    zone "." {
        type hint;
        file "/dev/null";

view "internal" {
        match-clients { intern; };
        allow-query { intern; localhost; };

        zone "." IN {
                type hint;
                file "root.cache";

        zone "0.0.127.in-addr.arpa" IN {
                type master;
                file "internal/127.0.0.rev";

        zone "localhost" IN {
                type master;
                file "caching-example/localhost.zone";

  ## Place for soms internal domains

view "external" {
        match-clients { any; };

        zone "." IN {
            type hint;
            file "root.cache";

 ## Place for your external Domains


-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Edo
Sent: donderdag 22 januari 2004 9:25
To: comp-protocols-dns-bind at isc.org
Subject: newbie simple question

Hello, I'm new to BIND so forgive my simple question...

I setup BIND on a server with many other service running on (httpd,
qmail, etc.).

My server is authoritative for some domain names as master, so I have
the zone files correctly setup.

Is it possible making BIND:
- reply ONLY to queries for the zones he is serving as master DNS, if
the query is originated OUTSIDE my server;
- reply to all queries (recursively or forwarding), if the query is
originated from my server.

I want to avoid people using it as a "public" dns in their connections.

Thank you


Bind-users mailing list
Bind-users at lists.elvandar.org

More information about the bind-users mailing list