On Wed, Sep 10, 2003 at 11:35:58AM -0700, Mark Ferlatte wrote: > [EMAIL PROTECTED] said on Wed, Sep 10, 2003 at 09:22:15AM -0700: > > I know I can use ACLs to setup what hosts can AXFR with allow-transfer, > > but I'm wondering if there is a way to only allow transfers to hosts > > specified as NS in the zone. That would avoid having to update the > > bind conf file if a zone's NS records change. Is that possible in > > Bind9? > > Not directly.
I should ask on the bind list, but I wonder why that's not an option. Seems like a logical way to limit AXFRs and very easy to manage since it would look at the NS of the zone -- no extra config changes when NS records change. Likely there's something obvious that I'm not seeing, though. I'm also not clear if there's any security risk by allowing AXFRs to all. -- Bill Moseley [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
