On 09/12/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:

I've looked at the link for info http://dnsreport.com/info/opendns.htm
and inserted this into my named.conf:

    recursion no;
    allow-recursion {
        203.42.34.53;
        203.42.34.54;
    };

so, now I have like:

options {
    directory "/var/named";
    allow-transfer {
--snip--
(list of allowed IPS)
--snip--
    };
    listen-on {
        203.42.34.54;
    };
    recursion no;
    allow-recursion {
        203.42.34.53;
        203.42.34.54;
    };
};


...

What have I done wrong?


I suspect you fell exactly into the trap the link warns about ("[Use
caution; BIND files are easy to break]"). You have disabled recursion
completely. You should differentiate between internal and external clients
using different views. Look at the "view" statement documentation in
http://www.isc.org/sw/bind/arm93/Bv9ARM.ch06.html#view_statement_grammar and
also follow the link given in the comments in dnsreport to
http://www.cymru.com/Documents/secure-bind-template.html

HTH,

--P
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
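
Added example, not part of the original thread or of either linked document: a named.conf sketch of the internal/external split the reply recommends, using the two addresses from the question as the trusted clients. The ACL name "trusted", the zone example.com and the file names are assumptions; the allow-transfer list is left out because the post elides it.

```conf
// In the posted options block, "recursion no;" switches recursion off for
// every client, so the allow-recursion list after it never takes effect.
// Views let one server recurse for trusted clients and stay
// authoritative-only for everyone else.

acl "trusted" {                      // hypothetical ACL name
    203.42.34.53;
    203.42.34.54;
};

options {
    directory "/var/named";
    listen-on { 203.42.34.54; };
    // allow-transfer { ... } stays as in the original post (elided there)
};

// Views are tried in order; the first match-clients that matches wins,
// so the restrictive "trusted" view must come before the catch-all.
view "internal" {
    match-clients { "trusted"; };
    recursion yes;
    allow-recursion { "trusted"; };

    // Root hints are needed wherever recursion is on (file name assumed).
    zone "." { type hint; file "named.ca"; };

    // Placeholder zone; once views are used, every zone must be in a view.
    zone "example.com" { type master; file "example.com.zone"; };
};

view "external" {
    match-clients { any; };
    recursion no;                    // outside clients get authoritative answers only

    zone "example.com" { type master; file "example.com.zone"; };
};
```

Running `named-checkconf` on the file before reloading catches syntax slips such as a zone left outside the views.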
