Issues with loop
Jonathan Petersson
jpetersson at garnser.se
Fri Jul 11 02:06:00 UTC 2008
Hi everyone.
I recently took a couple of new DNS servers online and have stumbled
upon an issue. These servers are hosting a couple of reverse zones and
allow recursive lookup for our own external networks. This seems to
cause a loop when looking up records of the hosted zones.
Could anyone recommend another approach to allow recursive lookups for
known networks and still only allow queries for the authoritative
zones to the rest of the Internet?
(The networks in this config are not ours)
Thanks
options {
    query-source address * port 53;
    directory "/var/named";
    dump-file "data/cache_dump.db";
    statistics-file "data/named_stats.txt";
    memstatistics-file "data/named_mem_stats.txt";
    version "surely you must be joking";
    allow-transfer {
        127.0.0.1;
        123.123.123.123;
    };
    querylog yes;
};

logging {
    channel default_debug {
        file "/var/log/named.run";
        severity dynamic;
    };
    channel query_log {
        file "/var/log/querylog" versions 3 size 40m;
        print-time yes;
    };
    category queries { query_log; };
};

view "known" {
    match-clients {
        127.0.0.1;
        122.0.0.0/24; # Allowed network
    };
    recursion yes;
    include "/etc/named.root.hints";
    include "/etc/named.rfc1912.zones";
};

view "all" {
    match-clients { any; };
    recursion no;
    zone "0.0.122.in-addr.arpa" IN {
        type slave;
        file "slaves/122.0.0";
        masters { 123.123.123.123; };
    };
};
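
BIND scopes a zone to the view that declares it, so in the configuration above clients matching "known" reach 0.0.122.in-addr.arpa through recursion rather than from the slave copy held in "all". The check below is an added example, not part of the original post: it lists zones hosted in one view but absent from a recursive view. The function names and the trimmed sample are constructed, and it assumes the included files do not declare the zone.

```python
import re
# Constructed sample: the two views from the post, trimmed to the relevant statements.
NAMED_CONF = '''
view "known" {
    match-clients { 127.0.0.1; 122.0.0.0/24; };
    recursion yes;
    include "/etc/named.root.hints"; include "/etc/named.rfc1912.zones";
};
view "all" {
    match-clients { any; };
    recursion no;
    zone "0.0.122.in-addr.arpa" IN { type slave; file "slaves/122.0.0"; };
};
'''

def block_end(text, start):
    """Return the index just past the '}' that matches the '{' at text[start]."""
    depth = 0
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return i + 1
    raise ValueError("unbalanced braces")

def parse_views(conf):
    """Map view name -> recursion flag and zones declared directly (includes not followed)."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # C-style comments
    conf = re.sub(r"(#|//)[^\n]*", "", conf)            # shell / C++ comments
    views = {}
    for m in re.finditer(r'\bview\s+"([^"]+)"[^{]*\{', conf):
        body = conf[m.end() - 1:block_end(conf, m.end() - 1)]
        rec = re.search(r"\brecursion\s+(yes|no)\s*;", body)
        views[m.group(1)] = {
            # Assumption: an absent statement means BIND's default, "recursion yes".
            "recursion": rec is None or rec.group(1) == "yes",
            "zones": {z.lower().rstrip(".") for z in re.findall(r'\bzone\s+"([^"]+)"', body)},
        }
    return views

def missing_in_recursive_views(conf):
    """For each recursive view, list zones hosted in another view but not in it."""
    views = parse_views(conf)
    hosted = set().union(*(v["zones"] for v in views.values()))
    return {name: sorted(hosted - v["zones"])
            for name, v in views.items()
            if v["recursion"] and hosted - v["zones"]}

if __name__ == "__main__":
    print(missing_in_recursive_views(NAMED_CONF))
```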