> I am using Ubuntu 12.04.4, BIND 9.8.1-P1, and just added:
> allow-query-on { 127.0.0.1; };
Please upgrade your BIND. There was a bug in allow-query-on that was
fixed since 9.8.6rc2.
Please note that currently allow-query-on is only used for "zone"
configurations. Use allow-cache-on if restrict
"listen-on" defaults to all the computer's IPv4 addresses, including the
loopback, so I did not put an explicit "listen-on" statement. It answers
queries to both the loopback and other addresses.
--
Bob Harold
DNS hostmaster
University of Michigan
On Wed, Jul 2, 2014 at 1:06 PM, Bob McDonald
Did you specify 127.0.0.1 in the "listen-on" options statement?
> I am using Ubuntu 12.04.4, BIND 9.8.1-P1, and just added:
> allow-query-on { 127.0.0.1; };
> To the default /etc/bind/named.conf.options file.
> That should make it only answer queries sent to 127.0.0.1, and not answer
> queries s
personally i would not mix that and have own virtual servers
and control the reachability via iptables, the servers
can act as slave/master where needed so that the datacenter
nameserver has all zones and differ where it makes sense
we do something similar with internal / public namservers
4 dns s
The server I really need this for is a little more complex. I was just
trying for a simple test case.
Here are more details on my plans to actually use "allow-query-on". Two
DNS servers, one only for the data centers, and another for the users, but
also as backup for the data center.
DNS resolv
Am 02.07.2014 17:08, schrieb Bob Harold:
> I am using Ubuntu 12.04.4, BIND 9.8.1-P1, and just added:
>
> allow-query-on { 127.0.0.1; };
>
> To the default /etc/bind/named.conf.options file.
> That should make it only answer queries sent to 127.0.0.1, and not
> answer queries sent to the server'
6 matches
Mail list logo
