Whether you set allow-query to none, or remove the zone statement,
clients will get an error when they try to query the zone.
On 17.01.12 14:13, Jeff Peng wrote:
There is a difference when you develop a web interface for DNS system.
A user can "pause" the domain from web interface, if we remove the
zone and records from BIND files, how will we do if user choose to
enable the domain?
simply: instead of adding "allow-notify {none;};" when user pauses a
zone, you remove whole zone definition from the config file. When user
unpauses, you will re-add the zone to bid config
But with allow-query none, only adding a statement we can "pause" the
domain for querying, but can re-enable it by removing this statement
later.
The zone can stay on disk, in database etc, even when "paused".
You still need to edit the config file, so there's not big difference.
There's one Barry mentioned: With allow-query_none anyone who queries
will get REFUSED, when you remove the zone definition they'll get
SERVFAIL or maybe NXDOMAIN
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Depression is merely anger without enthusiasm.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
