[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-linux
Subject:    RE: Bind cache availability...
From:       "Ugo Bellavance" <ugob () camo-route ! com>
Date:       2005-05-22 14:28:47
Message-ID: 54C38A0B814C8E438EF73FC76F36292753B7DC () mtlnt501fs ! CAMOROUTE ! COM
[Download RAW message or body]

John Madden wrote:
>>  I'm running Woody distribution of Debian Linux on one of my servers
>> and I use it as DNS sever - bind installed on it...
>> The DNS server is available to LAN users as same as to internet
>> users... For nonexistent records I use hint zone instead of
>> forwarding to my provider...this means, I use cacheing of records
>> from root servers...and that's the problem...records in my cache are
>> available to internet and LAN users, which I don't want for security
>> reasons...I would like them to be available only to my LAN users. Is
>> it at least possible...? 
> 
> Yes.  Set up an acl containing your IP blocks, then set up two
> separate "view" groups and use "match-clients" to filter down the
> list of IP's that are matched into each view.  For the external
> clients, set "recursion no." 
> 
> John

What version of bind are you running Draq?

[prev in list] [next in list] [prev in thread] [next in thread]