[NBLUG/talk] BIND and zallow-transfer

Sean seanvanco at gmail.com
Wed Aug 9 08:58:03 PDT 2006


The last week I have been setting up a pair of BIND DNS servers, and I
came accross a security question I was hoping someone here could clear
up.

If allow-transfer in named.conf is set to a specific IP address, do I
still need to block TCP port 53 to all but my secondary that will be
pulling the updates? I presume that allowing only my secondary will
prevent other servers from getting my domain files, but I cannot find
that information.


Thanks!

Sean



More information about the talk mailing list