preventing queries to servers
markdv.bind at asphyx.net
markdv.bind at asphyx.net
Fri Apr 29 08:34:51 UTC 2005
Hi,
I would like to prevent queries to rcf1918 addresses on a caching
nameserver.
The server has a public IP to which clients query. But it is also
connected to 'back-end' networks using rcf1918 addresses. I would like to
prevent queries sent over this network when public zones contain ns
records resolving to rfc1918 addresses in ranges I also use.
I was thinking along the lines:
server 10.0.0.0/8 {
bogus yes;
};
but the 'server' statement only allows ip_addr and not ip_prefix... Is
there some other way to achieve the same thing?
wouldn't it be usefull if 'server' also supported ip_prefix? Or even an
acl?
Regards,
Mark.
More information about the bind-users
mailing list