Bind behind a DMZ?
Res
res at ausics.net
Mon Jan 7 23:53:43 UTC 2008
On Mon, 7 Jan 2008, Vincent Yonemitsu wrote:
> It doesn't seem to be working. Is this kind of thing ok
> to do with bind? I have done it before with other DNS Servers but this is
Your zone entry in named.conf should reflect this by use of "allow-query"
eg:
acl "trust" {
localhost;
localnets;
192.168.0.0/24;
};
acl "remotedns" {
1.2.3.4;
5.6.7.8;
};
zone "example.com" {
type master;
file "example.com";
allow-update { none; };
allow-transfer { trust; remotedns; };
allow-query { any; };
};
-OR-
zone "example.com" {
type slave;
file "example.com";
masters { 1.2.3.4; };
allow-query { any; };
};
....It's also been years since I've changed the way I do trusted acl's,
but I'm sure now days you don't need to include localhost or localnet as
bind gets this from interfaces at startup and only need IP ranges
not in the /24 (Mark? correct?)
--
Cheers
Res
mysql> update auth set Framed-IP-Address='127.0.0.127' where user= 'troll';
More information about the bind-users
mailing list