allow-query for a zone

Barry Margolin barmar at alum.mit.edu
Tue Jan 17 06:03:44 UTC 2012


In article <mailman.895.1326770213.68562.bind-users at lists.isc.org>,
 Jeff Peng <pyh at staff.dnsbed.com> wrote:

> >> Well, my dns manage system (dnsbed.com) requires a "zone pause" feature.
> >> >  When user click the "pause" button, the zone should be stopped for
> >> >  resolving, but the config and records should be kept.
> > How can you tell the difference?
> 
> 
> what differenct do you mean?

Whether you set allow-query to none, or remove the zone statement, 
clients will get an error when they try to query the zone.

Actually, I just realized a possible counterexample: if the zone is a 
subzone of another zone that the server hosts, the type of error depends 
on the strategy used.  With the zone statement, the error will be 
REFUSED; without the zone statement, it will be SERVFAIL because of the 
lame delegation to itself.

-- 
Barry Margolin
Arlington, MA



More information about the bind-users mailing list