I
Ivan Slovic
I want to disable allow-recursion on my DNS servers for anyone except my
internal set of IP addresses.
Is this possible to do it?
Thanks,
Ivan
internal set of IP addresses.
Is this possible to do it?
Thanks,
Ivan
Kevin D. Goodknecht said:You either allow recursion or you disable recursion. You don't have a choice
as to who gets to use it.
This is one reason why you shouldn't allow access to your internal DNS
server by external users. If you had your public zones on a sepparate DNS
server you could disable recursion on it.
Kevin D. Goodknecht said:This is a case when you should let your registrar host the public zone for
you. It is risky business to have the internal DNS server you need for
internal DNS resolution, also resolving names for public users.
One big negative, unless your internal Network is using all public IP
addresses, you are going to have big problems resolving names for the
correct IP for both internal and public users.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
Ivan Slovic said:My network is a little bit complicated to explain here, but this
segment I'm talking about here is all public IPs and my DNS needs to
be like it is right now.
Thanks anyway... you helped me save my time and quit looking for
selective recursion, because I thought it could be done, it seemed to
me as a normal dns option.
Ivan
This feature exists under BIND...It's called 'views'.
Ivan Slovic said:"Ace Fekay [MVP]"
I know... but we don't use Linux or some kind of *ix OS. We're
Microsoft Certified Partner. ))))
Ivan
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.