Date: Mon, 1 Feb 1999 15:08:01 -0800 (PST) From: Dan Busarow <dan@dpcsys.com> To: Leif Neland <root@neland.dk> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: bind8: notify-also Message-ID: <Pine.BSF.3.96.990201143237.2760A-100000@java.dpcsys.com> In-Reply-To: <Pine.BSF.4.05.9902012244050.28074-100000@gina.neland.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 1 Feb 1999, Leif Neland wrote:
> I want to run a "private" copy of bind8 on our mailserver; have read
> somewhere this should be a good thing (tm).
I'm assuming you mean private in the sense that it isn't listed
in the roots or zone files of the domains.
> But how do I synchronize this with the master dns? I could add a
> notify-also for every domain (a couple of hundreds), but can't I add a
> global modify-also instead?
Set it up as a secondary. You need entries for every domain
you'll secondary in named.conf. Grab a copy from an existing
secondary.
> Also a global "allow-transfer"?
Add this machine to the allow-transfer {} in the options {} section
on your primary. If you have the allow-transfer set by zone, you'll
need to add it there too as the more specific option wins.
And to keep others from using this machine as a name server setup
an acl
acl just-me {
localhost; // picks up all local interfaces
};
options {
...
allow-query {
just-me;
};
};
You don't need to make any changes to the zone files as long as they
don't have their own allow-query's.
Dan
--
Dan Busarow 949 443 4172
Dana Point Communications, Inc. dan@dpcsys.com
Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990201143237.2760A-100000>