Manualshelf

DNS Configuration and Management Manual (G06.27+, H06.05+, J06.03+)

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series
61626364656667686970
DNS Configuration on the NonStop Server
HP DNS Configuration and Management Manual529432-003
3-19
Use Firewalls and a Bastion Host
Use Firewalls and a Bastion Host
On an HP NonStop system, if you are connecting to the Internet, you are probably
using a firewall (which HP recommends). You can limit the internal hosts that can
directly access the Internet because of the security risks inherent in allowing bi-
directional DNS traffic through the firewall unrestricted. Several types of firewalls exist,
the most common being packet filters and application gateways. In an application
gateway firewall or for any firewall without the ability to pass DNS traffic, the only host
Example 3-3. Sample Configuration File for Views
options {
query-source address 10.53.0.2;
port 5300;
pid-file “named.pid”;
listen-on {10.53.0.2;};
recursion no;
notify yes;
};
view “internal” [
match-clients {10.53.0.2;
10.53.0.3;};
zone “.” {
type hint;
file “root.hint”;
};
zone “example” {
type master;
file “internal.db”;
allow-update {any;};
};
};
view “external” {
match-clients {any;};
zone “.” {
type hint;
file “root.hint”;
};
zone “example” {
type master;
file “example.db”’
};
};