Cannot get allow-query-on to work

2014-07-02 Thread Bob Harold
I am using Ubuntu 12.04.4, BIND 9.8.1-P1, and just added: allow-query-on { 127.0.0.1; }; To the default /etc/bind/named.conf.options file. That should make it only answer queries sent to 127.0.0.1, and not answer queries sent to the server's normal IP. But it seems to have no effect. I have

Re: Cannot get allow-query-on to work

2014-07-02 Thread Reindl Harald
On 02.07.2014 17:08, Bob Harold wrote: I am using Ubuntu 12.04.4, BIND 9.8.1-P1, and just added: allow-query-on { 127.0.0.1; }; To the default /etc/bind/named.conf.options file. That should make it only answer queries sent to 127.0.0.1, and not answer queries sent to the server's

Re: Cannot get allow-query-on to work

2014-07-02 Thread Bob Harold
The server I really need this for is a little more complex. I was just trying for a simple test case. Here are more details on my plans to actually use allow-query-on. Two DNS servers, one only for the data centers, and another for the users, but also as backup for the data center. DNS

Re: Cannot get allow-query-on to work

2014-07-02 Thread Reindl Harald
Personally I would not mix that and have own virtual servers and control the reachability via iptables. The servers can act as slave/master where needed so that the datacenter nameserver has all zones and differ where it makes sense. We do something similar with internal / public nameservers 4 dns

re: Cannot get allow-query-on to work.

2014-07-02 Thread Bob McDonald
Did you specify 127.0.0.1 in the listen-on options statement? I am using Ubuntu 12.04.4, BIND 9.8.1-P1, and just added: allow-query-on { 127.0.0.1; }; To the default /etc/bind/named.conf.options file. That should make it only answer queries sent to 127.0.0.1, and not answer queries sent to

Re: Cannot get allow-query-on to work.

2014-07-02 Thread Bob Harold
listen-on defaults to all the computer's IPv4 addresses, including the loopback, so I did not put an explicit listen-on statement. It answers queries to both the loopback and other addresses. -- Bob Harold DNS hostmaster University of Michigan On Wed, Jul 2, 2014 at 1:06 PM, Bob McDonald

Re: Cannot get allow-query-on to work

2014-07-02 Thread Jeremy C. Reed
I am using Ubuntu 12.04.4, BIND 9.8.1-P1, and just added: allow-query-on { 127.0.0.1; }; Please upgrade your BIND. There was a bug in allow-query-on that was fixed since 9.8.6rc2. Please note that currently allow-query-on is only used for zone configurations. Use allow-cache-on if restricting