DNS behind firewall
Saif Ahmed
smohammed at cmc.iq
Sun May 20 14:07:32 UTC 2012
Hi,
I have configured an authoritative-only DNS server.
It responds well internally,
but it does not answer public queries.
options {
    directory "/etc/named";
    // version statement - inhibited for security
    // (avoids hacking any known weaknesses)
    version "not currently available";
    // allows notifies only from master
    allow-notify { 172.20.10.10; };
    // disables all zone transfer requests
    allow-transfer { "none"; };
    allow-query { any; };
    query-source address * port 53;
    recursion no;
    pid-file "/var/run/named/named.pid";
};
Below is the tcpdump "udp port 53" result:
17:05:03.913856 IP (tos 0x0, ttl 106, id 6612, offset 0, flags [none], proto UDP (17), length 52)
    peach.dnsstuff.com.pmsm-webrctl > 192.168.30.100.domain: [udp sum ok] 1+ A? com.iq. (24)
17:05:03.914396 IP (tos 0x0, ttl 64, id 28758, offset 0, flags [DF], proto UDP (17), length 73)
Waiting for your advice.
Thanks a lot,
Saif