resolve remove domain only for localhost

Barry Margolin barmar at alum.mit.edu
Sat Jun 12 21:04:43 UTC 2004


In article <cafhfh$17uo$1 at sf1.isc.org>,
 Jonas Meurer <jonas at freesources.org> wrote:

> hello,
> I have bind9 on my server, and it manages 2 domains without problems
> (master dns for these two). Anyway, I kept the root zone entry in
> named.conf, and later replaced it by a forwarders option, because I'd
> like to use the nameserver as normal ns for the system too, so it should
> resolve all domains existent.

Why do you need forwarders for that?  It should be able to do that using 
the root hints, it doesn't need forwarders.  However, that's orthogonal 
to your question.

> the problem is that some wicky guys seem to use my dns-server
> regularly, which creates a big amount of traffic (2.5GB last month).
> 
> how can i restrict 'lookup of remote domain' to localhost, and resolve
> only the 2 local domains to remote requests?

Put:

  allow-query { localhost; };

in the global options, and

  allow-query { any; };

in each of the zones that you host.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
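
Added example, not part of the original post: a named.conf sketch showing where the two statements from the reply go, written with BIND's `allow-query` option name. The zone names, file names and directory are placeholders standing in for the two hosted domains.

```conf
// named.conf sketch (constructed example; names and paths are placeholders)

options {
    directory "/var/named";          // assumed location of zone files

    // Default for every query not covered by a zone-level override:
    // only the server itself may ask, so lookups of remote domains
    // are answered for localhost only.
    allow-query { localhost; };
};

// First hosted domain: the zone-level statement overrides the global
// default, so anyone may query the authoritative data.
zone "example.com" {
    type master;
    file "db.example.com";
    allow-query { any; };
};

// Second hosted domain, same override.
zone "example.net" {
    type master;
    file "db.example.net";
    allow-query { any; };
};

// Checks after reloading, run from a host other than the server:
//   dig @<server> example.com SOA   -> answered (hosted zone)
//   dig @<server> www.isc.org A     -> status: REFUSED (not a hosted zone)
// The same second query run on the server against 127.0.0.1 still resolves.
```

Running `named-checkconf` before reloading catches a misspelled option name in either place.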

