Blocking reverse lookup queries for private ips

Sachin Patil 04sachin at gmail.com
Thu Nov 24 18:32:03 UTC 2016


My bind setup only modifies response/resolved ips for certain domains, this
is the only purpose of my setup (apart from caching).

I don't have any private/local zones, thus I have kept it in forwarded mode.

Best Regards,
Sachin

On Thu, Nov 24, 2016 at 5:23 PM, Matus UHLAR - fantomas <uhlar at fantomas.sk>
wrote:

> On 24.11.16 13:57, Sachin Patil wrote:
>>>
>>>> I have changed option - "forward only;" to "forward first;" and it has
>>>> enabled empty zones.
>>>> I can see request for private ips not going over internet using tcpdump.
>>>>
>>>> This configurations works, but is this good configuration for forward
>>>> only
>>>> dns server or will there be any problems related caching etc with this
>>>> conf.
>>>>
>>>
> On Thu, Nov 24, 2016 at 3:06 PM, Matus UHLAR - fantomas <uhlar at fantomas.sk
>> >
>> wrote:
>>
>>> no, the good configuration is if you do the recursion yourself, without
>>> forwarding to google.
>>>
>>
> On 24.11.16 17:10, Sachin Patil wrote:
>
>> I need to forward requests to google as I am using this as forwarding
>> server.
>>
>
> then, don't use google as forwarding server - BIND can do DNS lookups
> itself.
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> If Barbie is so popular, why do you have to buy her friends?
> _______________________________________________
>
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20161125/e54c61f6/attachment.html>


More information about the bind-users mailing list