On 28/06/2014 10:38, Johannes Kastl wrote: > Another idea I had was using stunnel to tunnel just one port from > the home lan to the vserver. But I would need to tell bind to only > use TCP, as stunnel is only able to handle TCP. > > Can I tell bind to only use TCP for zone transfers? Hmm, I'll go > dig in the documentation...
BIND uses TCP for zone transfers by default. It doesn't fall back to UDP, so you don't have to configure anything. In general, all name server software I know of, uses TCP for zone transfers. UDP is not recommended, although some implementations, such as NSD, provide the option to do tranfers over UDP (and strongly urge the use of TSIG in that case). Anand _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
