Hi Julian,

> My only worry now is if there's a door I haven't closed which is even now
> trying to tell the world about my local LAN!

 Is this machine directly connected to the internet or behind a firewall? In 
the first case somebody could try talking to your nameserver. Not sure if you 
can block that using tcpwrappers (/etc/hosts.deny and hosts.allow), but you 
can definitely restrict access using iptables or ipchains (only allowing local 
addresses to connect to the name server, you do need to allow returning 
traffic to bind though).

> So this all seems to do the same as your configuration, but I haven't yet
> mentioned the word "forwarder".
> 
> Now a DNS guru is going to step up and tell us the pros and cons of our two
> approaches, right? :-)

 Using a forwarder reduces the traffic on the root servers, so it is probably 
a good idea. Personally I do let my firewall talk to the root servers 
directly, because the DNS servers of my ISP were (are?) unreliable.

                                        Bye,

                                        Leonard.




_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
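
The iptables restriction described in the reply above, as an added example that is not part of the original post: it prints, in order, rules that accept DNS queries only from the LAN while keeping bind's returning traffic. The range 192.168.1.0/24, the use of the INPUT chain and the function name `dns_rules` are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): emit iptables rules that
# limit the name server (port 53) to LAN clients. The LAN range and the
# INPUT chain are assumptions; adjust them to the actual network.

# dns_rules LAN_CIDR
# Prints the rules in the order they must be added. Review the output,
# then pipe it to `sh` as root to apply it.
dns_rules() {
    lan="$1"
    # Refuse anything that is not digits/dots with a /prefix, so a typo
    # cannot turn into a rule with an empty or unintended source.
    case "$lan" in
        *[!0-9./]*|""|*/|/*) echo "bad CIDR: $lan" >&2; return 1 ;;
        */*) ;;
        *) echo "bad CIDR: $lan" >&2; return 1 ;;
    esac

    # 1. Returning traffic: replies to queries bind itself sent out.
    #    This must come before the DROP rules, because a bind that
    #    sends its queries from port 53 receives the replies on port 53.
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # 2. Loopback, so lookups made on the server itself keep working.
    echo "iptables -A INPUT -i lo -j ACCEPT"
    # 3. New queries are accepted only from local addresses (UDP and TCP).
    for proto in udp tcp; do
        echo "iptables -A INPUT -p $proto -s $lan --dport 53 -j ACCEPT"
    done
    # 4. Any other new connection to the name server is dropped.
    for proto in udp tcp; do
        echo "iptables -A INPUT -p $proto --dport 53 -j DROP"
    done
}

# Dry run with the assumed LAN range: prints the six rules, changes nothing.
dns_rules 192.168.1.0/24
```
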
