Technical data
Configuring and Managing BIND
5.3 Configuring the BIND Server (BIND 8.1)
Example 5–4 shows how to specify an
options
statement for name checking. The
statement specifies that nonconforming names coming from a slave are ignored.
Example 5–4 Name Checking Options
options {
check-names slave ignore;
};
5.3.2.5 Access Control
Access to the server can be restricted based on the IP address of the requesting
system. Table 5–7 describes the access control options.
Table 5–7 Access Control Options
Option Description
allow-query
Specifies which hosts are allowed to ask ordinary questions.
The
allow-query
option can also be specified in the zone
statement, in which case it overrides the option
allow-query
statement. If not specified, the default is to allow queries from
all hosts.
allow-transfer
Specifies which hosts are allowed to receive zone transfers from
the server. The
allow-transfer
option can also be specified
in the zone statement, in which case it overrides the option
allow-transfer
statement. If not specified, the default is to
allow transfers from all hosts.
Example 5–5 shows how to specify an
options
statement to control access to the
server.
Example 5–5 Access Control Options
options {
allow-query { any; } ;
allow-transfer {
1.2.3/24;
5.6.7.8;
};
};
5.3.2.6 Interfaces
The interfaces and ports from which the server answers queries can be specified
using the
listen-on
option. The
listen-on
option takes an optional port and
an
address_match_list
. The server listens on all interfaces allowed by the
address match list. All queries must be directed to the interface and port number
specified on the
listen-on
statement. If a port is not specified, the server uses
port 53.
Multiple
listen-on
statements are allowed. For example,
listen-on { 5.6.7.8; };
listen-on port 1234 { !1.2.3.4; 1.2/16; };
If a
listen-on
option is not specified, the server listens on port 53 on all
interfaces.
Configuring and Managing BIND 5–15