Dear list,
I have one client with a specific zone. When the client does a query for
localhost on the nameserver, or a reverse lookup for 127.0.0.1,
everything seems perfectly okay. As soon, as the client tries to lookup
i.e. google.de or any external ip, I am getting query refused errors.
Se
I got it fixxed with an allow-query statement.
But this arises another question: Does bind implicitly add allow-queries
for locally attached interfaces and the networks configured for these?
I am asking, because it used to work for all the subnets directly
attached to the machine.
Regards
Hi Markus,
check the dhcpd.log for the following messages:
I.e.
adding:
Sep 30 15:13:06 ns1 dhcpd: Added new forward map from
172-17-111-249.example.net to 172.17.111.2
49
Sep 30 15:13:06 ns1 dhcpd: added reverse map from
249.111.17.172.in-addr.arpa. to 172-17-111-249.
example.net
removing:
Dear list,
This seems more tricky, then I thought.
When I had no allow-query statement at all in my config, everything
worked find (includign recursion) for all clients, that were in subnets
directly attached to the server. The external view (authoriative, non
recursive) did work for every cl
On Sep 30 2009, Mark Andrews wrote:
In message ,
Chris Thompson writes:
DNSSEC certainly adds to the aggravation of having lots of piddling little
reverse zones. Some people may just decide not to bother signing reverse
zones ("reverse lookup results should only be treated as a hint, anyway").
From: Apisa, Kathy (US - MABS)
Sent: Wednesday, September 30, 2009 10:23 AM
To: 'bind-users@lists.isc.org'
Subject: Blocking top level domain
Greetings everyone
I would like to know how to implement the blocking of a top level domain
in Bind 9
For e
Define "block".
Return "query refused"?
Return "name does not exist"?
Return a wildcard entry pointing to a "helpful" web page, explaining why
you don't like Chinese domains?
Whatever you're trying to do, it's probably better done in a proxy, than
in DNS.
Hi, Kathy -
Put a firewall in front of your DNS server.
:-)
Cheers,
--Trey
>
>
>
>
> From: Apisa, Kathy (US - MABS)
> Sent: Wednesday, September 30, 2009 10:23 AM
> To: 'bind-users@lists.isc.org'
> Subject: Blocking top level domain
>
>
>
> Greetings everyone
>
Easiest way would probably be to load the .cn domain and just not put
anything in it.
On Wed, Sep 30, 2009 at 11:12 AM, Apisa, Kathy (US - MABS) <
kathy.ap...@meggitt.com> wrote:
>
> --
>
> *From:* Apisa, Kathy (US - MABS)
> *Sent:* Wednesday, September 30, 2009 10:
Hello,
I have what seems to be a very basic question that I have been unable to find
an answer for. What determines the settings of the file permissions (and how
can I change those default settings) on zone files created during a zone
transfer, BIND or the OS (Solaris)?
thanks - jw
Is it possible to restrict user machines to only be able to update
their 'A' records on a specific subnet? We would like to allow DDNS
but restrict it to specific subnets and only allow the machines to
update their 'A' records. Allow-updates will not get us the record
restrictions we would
Greetings.
Does anyone know what might be causing these messages?
30-Sep-2009 08:20:56.071 client 10.10.10.10#44554: transfer of
'domain.com/IN': send: socket is not connected
Thanks,
Lou
___
bind-users mailing list
bind-users@lists.isc.org
Have you read the documentation that describes what allow-query does?
allow-query
Specifies which hosts are allowed to ask ordinary
DNS questions. allow-query may
also be specified in
In message , Chris Thomp
son writes:
> On Sep 30 2009, Mark Andrews wrote:
>
> >In message ,
> > Chris Thompson writes:
> >> DNSSEC certainly adds to the aggravation of having lots of piddling little
> >> reverse zones. Some people may just decide not to bother signing reverse
> >> zones ("revers
In message , Jim Williams writes:
> Hello=2C
> =20
> I have what seems to be a very basic question that I have been unable to fi=
> nd an answer for. What determines the settings of the file permissions (and=
> how can I change those default settings) on zone files created during a zo=
> ne trans
On Wed, Sep 30, 2009 at 01:12:17PM -0400, Jim Williams wrote:
...
> I have what seems to be a very basic question that I have been unable to find
> an answer for. What determines the settings of the file permissions (and how
> can I change those default settings) on zone files created during a zo
16 matches
Mail list logo
