Purchase Linux CDs / DVDs / Flash Drives at OSDisc.com

Welcome to Our Community

While Linux.org has been around for a while, we recently changed management and had to purge most of the content (including users). If you signed up before April 23rd, 2017 please sign up again. Thanks!

  1. Follow us on twitter - we shoot all of our new original content out as well as random messages. https://twitter.com/linuxdotorg
    Dismiss Notice

Bind9 listen-on IP Address

Discussion in 'Server Security' started by TCRatius, Jan 30, 2019.

Tags:
  1. TCRatius

    TCRatius Member

    Joined:
    Aug 30, 2017
    Messages:
    26
    Likes Received:
    27
    According to the Debian wiki on bind9, https://wiki.debian.org/Bind9, and in the file stated below it refers to a listen-on address. Now, as far as I can gather from what I read is that the second part of the IP Address can be anything in the range 1-xxx. So I could put 10.0.0.xx, as that is the protocol my router uses. Does anyone have any way of explaining the listen-on part of this config file?


    (Log in to hide this advertisement)


    In file /etc/bind/named.conf.options
    options {
    directory "/var/cache/bind";
    // Exchange port between DNS servers
    query-source address * port *;
    // Transmit requests to 192.168.1.1 if
    // this server doesn't know how to resolve them
    forward only;
    forwarders { 192.168.1.1; };
    auth-nxdomain no; # conform to RFC1035
    // From 9.9.5 ARM, disables interfaces scanning to prevent unwanted stop listening
    interface-interval 0;
    // Listen on local interfaces only(IPV4)
    listen-on-v6 { none; };
    listen-on { 127.0.0.1; 192.168.0.1; };
    // Do not transfer the zone information to the secondary DNS
    allow-transfer { none; };
    // Accept requests for internal network only
    allow-query { internals; };
    // Allow recursive queries to the local hosts
    allow-recursion { internals; };
    // Do not make public version of BIND
    version none;
    };
     

Share This Page