questions on allow-query
Evan Hunt
each at isc.org
Mon Feb 19 23:34:22 UTC 2018
On Mon, Feb 19, 2018 at 03:51:42PM -0700, @lbutlr wrote:
> If I set
>
> allow-query { 127.0.0.1; [myipblock]; }
>
> Then my DNS doesn't respond to any other servers, right? This would be
> bad for being authoritative. so, should I set that and then set
> allow-query { any; }; in each zone?
>
> Is that better than simply setting the IPs that are allowed recursion?
The usual approach is allow-query { any; }; and allow-recursion
{ localhost; localnets; };
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list