On Thu, Jul 17, 2008 at 12:20:42AM +0800, Eugene Grosbein wrote:
> I fully understand and second efforts on educating people
> how to configure BIND to be stong to attacks and keep them from using
> "query-source address" with "port" option but how about
> binding named to particular IP address when host has many of them?
We do such on our authoritative nameservers. The options we use:
listen-on { 127.0.0.1; 72.20.106.4; };
query-source address 72.20.106.4;
transfer-source 72.20.106.4;
notify-source 72.20.106.4;
interface-interval 0;
use-alt-transfer-source no;
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
