Discussion on:
View:
Show:
In step two I receive an error (not recognized as na internal...). However there are two diferent recursion settingw within the server properties window, fowarders and advanced. Are either (or both) of these used to control the same setting as referrenced in the articel?
I have the same confusion as Bryce. Do these settings control the same thing? And, can one or both of these settings replace the DNSCMD command line setting?
Thanks...
Thanks...
In UNIX flavors of BIND, you can't natively control which ports are open on a multihomed interface. If the "named" service is running, all IP addresses will listen for traffic. To gain greater control over this problem, check out the ucspi-tcp package created by D.J. Bernstein.
Doesn't BIND 9 allow you to do this with the following command?
options {
listen-on port 53 { xx.xx.xx.xx; };
}
I have the loopback and internal address defined on this multihomed machine with it and according to netstat, those are the only places where BIND is listening for DNS queries...
I also control all other ip/port bindings through xinetd and the conf files for programs like squid and apache. You may not be able to do it at the system level, but it can be done in the server configuration files.
Another thing to be wary of is who can transfer (AXFR/IXFR) your zones. Visit http://www.credentia.cc/dns/ for links to more information about this, cache-snooping, recursion & delegation problems, etc.
In Win2K servers, this is the default setting!Microsoft also explains it well in its online Help.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
