acl and forwarding
Mark Andrews
Mark_Andrews at isc.org
Mon May 29 23:22:12 UTC 2006
> Hello,
>
>
> I've configured a company DNS here with an ACL for a zone we're
> forwarding.
>
>
>
> It doesn't seem to work as it spits out an error message in the log file
> when wanting to reload the server:
>
>
>
> May 29 12:39:59 <machine name> named[6882]: loading configuration from
> '/usr/local/bind/etc/named.conf'
>
> May 29 12:39:59 <machine name> named[6882]:
> /usr/local/bind/etc/named.conf:311: option 'allow-query' is not allowed
> in 'forward' zone 'metro.ca'
>
> May 29 12:39:59 <machine name> named[6882]:
> /usr/local/bind/etc/named.conf:312: option 'allow-transfer' is not
> allowed in 'forward' zone 'metro.ca'
>
> May 29 12:39:59 <machine name> named[6882]: reloading configuration
> failed: failure
>
>
>
> zone "<zone file>" {
>
> type forward;
>
> forward only;
>
> forwarders { <ip address>; };
>
> allow-query { <acl name>; };
>
> allow-transfer { <acl name>; };
>
> };
>
>
>
> Does anyone have insight on:
>
>
>
> 1- Is my config good ?
No.
>
> 2- Is it possible to do so in the first place ?
No.
> Thanks to all who'll reply.
>
>
>
> Martin
>
>
>
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list