Prev-20 Home Next-20 3 msg named-checkzone ignoring flags? 4 msg Drop forwarded requests 2 msg Quota error message 5 msg BIND 9.4.2 on Solaris 8 2 msg Assertion failure: what to do next? 2 msg Blackhole option statement in BIND 1 msg X per-query 3 msg Restricting what a DNS server returns to a client 4 msg dig server problem 3 msg How to forward specific zones? 3 msg facebook.com delegation 6 msg Recursive Domain Query on Restricted Recursive DNS 3 msg Vista machines DOSing our bind servers 4 msg Root for private network 1 msg Restricting what a DNS server returns 9 msg How to define views that differ only minimally? Query Denied bind 9.4 \ Dean Clapper (26 Nov 2007) . \ Alan Clegg (26 Nov 2007) . . \ Dean Clapper (26 Nov 2007) . . . \ Alan Clegg (26 Nov 2007) . . . . \ Merton Campbell Crockett (27 Nov 2007) 7 msg Emails being wrongly delivered after DNS change 3 msg master notification issue 1 msg BIND 9.4.1-P1 Crashes with rbt.c ... Prev-20 Home Next-20

Prev-Msg Prev-Thread Bind-users Nov-2007 Next-Thread Next-Msg Subject: Re: Query Denied bind 9.4 Group: Bind-users From: Merton Campbell Crockett Date: 27 Nov 2007 On 26 Nov 2007, at 10:35:00, Alan Clegg wrote: > Dean Clapper wrote: >> I made the changes in /etc/named.conf. > I meant what machine (IP address, name, etc), not what file. ;) > >> I created an acl for internal IPs and changed >> >> allow-query { any; }; >> to >> allow-query {internals;}; >> >> Since that name is my email server, I have to let the outside world >> query >> only that name? I don't want everyone to query everything, just >> the single >> name right? > > Turning off queries on an authoritative nameserver is not what you are > wanting to do... > > I'm guessing that you are wanting to turn off recursion, not turn off > queries completely. Probably want the following. allow-query { any; }; allow-query-cache { internals; }; allow-recursion { internals; }; Allows BIND to answer queries for zones that it is an authoritative name server. Internal users are allowed to perform recursive queries and cached answers are only available to internal users. If you are a name server for zones that are strictly internal, set "allow-query { internal; };" in the zone statement. Merton Campbell Crockett m.c.crockett Prev-Msg Prev-Thread Bind-users Nov-2007 Next-Thread Next-Msg

© 2004-2008 readlist.com