Re: DoH credentials

2024-03-25 Thread Marco Moock
Am 25.03.2024 um 17:09:43 Uhr schrieb Julien Salort: > Because I am using an Apache proxy, bind9 sees the incoming requests > as localhost, so allows all recursive requests from anybody. > > Does it mean that credentials have to be implemented by the webserver > ? Yes, if you want to have a

DoH credentials

2024-03-25 Thread Julien Salort
Hello, I am trying bind9 DoH features (bind9 9.18.18). It works from Firefox, although it feels slower than with native resolver. However, it seems that this makes an open resolver, i.e. there is no authentication of any sort. I haven't found any reference to how to set up credentials in

RE: transfert master slave

2024-03-25 Thread sami . rahal
It's clearer now, thank you Greg Sami De : Greg Choules Envoyé : lundi 25 mars 2024 12:52 À : RAHAL Sami SOFRECOM Cc : ML BIND Users Objet : Re: transfert master slave Hi Sami. "allow-..." statements are to restrict from which sources *this* server will accept messages, of whichever type. On

Re: transfert master slave

2024-03-25 Thread Greg Choules via bind-users
Hi Sami. "allow-..." statements are to restrict from which sources *this* server will accept messages, of whichever type. On the secondary (slave), "allow-notify {192.168.56.154;};" will permit it to process NOTIFY messages sent to it from the primary (master), but ignore any others. Actually,

RE: transfert master slave

2024-03-25 Thread sami . rahal
Thank you Mark for this information Regards De : Mark Andrews Envoyé : lundi 25 mars 2024 12:42 À : RAHAL Sami SOFRECOM Cc : ML BIND Users Objet : Re: transfert master slave Allow-notify is additive. You can’t block notify from primaries. -- Mark Andrews On 25 Mar 2024, at 22:34,

Re: transfert master slave

2024-03-25 Thread Mark Andrews
Allow-notify is additive. You can’t block notify from primaries. -- Mark Andrews > On 25 Mar 2024, at 22:34, sami.ra...@sofrecom.com wrote: > >  > Hello community, > I'm trying to configure a DNS slave server (192.168.56.157) . I want to allow > notifications only from the master

Re: transfert master slave

2024-03-25 Thread Matus UHLAR - fantomas
On 25.03.24 11:34, sami.ra...@sofrecom.com wrote: I'm trying to configure a DNS slave server (192.168.56.157) . I want to allow notifications only from the master (192.168.56.154). I added the directive "allow-notify {192.168.56.154;};" and it works. However, when I try to test the

transfert master slave

2024-03-25 Thread sami . rahal
Hello community, I'm trying to configure a DNS slave server (192.168.56.157) . I want to allow notifications only from the master (192.168.56.154). I added the directive "allow-notify {192.168.56.154;};" and it works. However, when I try to test the prohibition of notification by adding