I finally chose to *not* implement the 'forward-only' statement, but
accept responses from any DNS server.
I also implemented the 'allow-transfer' as per your suggestion.
Finally, I implemented the 'allow-query' to limit the queries to coming
from my two networks only. I found the recipe in the BIND book and
thought I should tighten up the security even more than what you had
suggested, "when I already had the trousers down" as we sometimes say in
Swedish. ;-)
Regards
Gustav
"Michael H. Warfield" wrote:
<snip>
> zone "acmebw.com" {
> type master;
> file "db.acmebw";
> allow-transfer {
> 192.168.0.1;
> 192.168.1.1;
> };
> };
<snip>
> options {
> forwarders {
> 192.249.249.1;
> 192.249.249.3;
> };
> forward-only;
> }
<snip>
--
pgp = Pretty Good Privacy.
To get my public pgp key, send an e-mail to: [EMAIL PROTECTED]
Visit my web site at http://www.schaffter.com
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
