The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to do external DNS recursion restrictions in Bind?

Discussion in 'Bind / DNS / Nameserver Issues' started by vlee, Jul 16, 2012.

  1. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    272
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Las Vegas, Nevada, United Stat
    cPanel Access Level:
    Root Administrator
    I would like to know wow to do external DNS recursion restrictions in Bind?

    So only a selected few external non cPanel hosts can use my DNS servers using external recursion. I am running Mod Security and ConfigServer Security & Firewall and other security options in place for protection.

    Is this possible of doing?

    view "external" {
    /* This view will contain zones you want to serve only to "external" clients
    * that have addresses that are not on your directly attached LAN interface subnets:
    */
    recursion no;
    // you'd probably want to deny recursion to external clients, so you don't
    // end up providing free DNS service to all takers

    // all views must contain the root hints zone:
    zone "." IN {
    type hint;
    file "/var/named/named.ca";
    };

    // These are your "authoritative" external zones, and would probably
    // contain entries for just your web and mail servers:

    // BEGIN external zone entries
     
  2. jerrybell

    jerrybell Well-Known Member

    Joined:
    Nov 27, 2006
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    6
    You should be able to use the allow-recursion statement in the options {} section like so:

    allow-recursion {x.x.x.x; y.y.y.y};

    where x.x.x.x and y.y.y.y are hosts out on the Internet you want to be able to perform recursive lookups.
     
Loading...

Share This Page