On 2012.11.15 11.39, Novosielski, Ryan wrote:
Great, thanks, sounds like I'm covered then (I have BIND running authoritative for my zone on the firewall/NAT machine only accepting queries from my local 1918 addresses) and DHCP providing its address as the nameserver.
be sure that bind is also authoritative for your 1918 arpa space as well [and you might as well just make it authoritative for all previously mentioned address space]. accepting queries from only your private network is good, but that alone will not prevent leakage [and leakage is never good, dns or otherwise :) ]
-ben _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
