Re: BIND: How to prevent specific user to resolv internet DNS
From: Jason Dixon (jason_at_dixongroup.net)
Date: 09/04/03
- Previous message: Jason Dixon: "RE: Port Forward 1 Port"
- In reply to: Budi Febrianto: "Re: BIND: How to prevent specific user to resolv internet DNS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: Red Hat Mailing List <redhat-list@redhat.com> Date: 03 Sep 2003 22:39:51 -0400
On Wed, 2003-09-03 at 22:26, Budi Febrianto wrote:
> >> I installed Bind-9 in RHL 8.0. Bind is act as internal DNS and also act
> as caching DNS for external DNS server to query internet DNS.
> I want that only specific users who can query to external DNS, and the
> rest is restricted.
>
> Is that possible?
>
> >No. Bind can control which IP addresses can resolve which names or
> >addresses, but it has no concept of usernames.
>
> Yes, IP's will do fine.
>
> I want to allow only a range of IP's (172.16.1.1-172.16.1.50) to query to
> external DNS, and the rest only can query internal DNS.
>
> How can bind control it?
Previously, you'd need to run split-horizon DNS. Bind 9 is nice in that
it uses the "views" feature. O'Reilly has a good explanation of the
concept and its implementation:
http://sysadmin.oreilly.com/news/views_0501.html
-- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
- Previous message: Jason Dixon: "RE: Port Forward 1 Port"
- In reply to: Budi Febrianto: "Re: BIND: How to prevent specific user to resolv internet DNS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
