Embedded Files
In most situations, bind will be configured to server internal network only. This section guides you on how to configure bind to facilitate DNS service for internet network only.
Set Options
Set Options
The simple way to set the traffic is to define options clauses in /etc/bind/named.conf:
options { allow-query { 192.168.1/24; } ; allow-transfer { none; } ; allow-recursion { 192.168.1/24; } ; listen-on { 192.168.1.2; } ; forward { only; } ; forwarders { A.B.C.D; } ;};allow-query
allow-query
This is to set the range of IPs allowed for querying. Notice the example above stated that only client with the IP pattern 192.168.1.XXX are allowed to query the DNS service.
allow-transfer
allow-transfer
This is to specify zone transferring. In this case, it's best to set it to none;.
allow-recursion
allow-recursion
DNS allows recursive queries so this should aligned to the same as allow-query. Recursion query is like when the local bind server could not resolve
listen-on
listen-on
This is the most important option: set it only serve from a single IP. In this case, one must set it to the internal IP address (in the example above: 192.168.1.2). One can also set the DNS server to serve only to this computer by setting the IP to 127.0.0.1.
forward
forward
This is to set the forward conditions when local bind server forwards the request to the next DNS server. In this case, set it to forward only.
forwarders
forwarders
Set the forwarding servers (next level DNS servers). One can set manys like:
forwarders { 8.8.8.8; 8.8.4.4; };That's all for configuring bind to server only internal host.
Page updated
Google Sites
Report abuse