Z00EJR01%AWIUNI11@pucc.PRINCETON.EDU (Ewald Jenisch) (02/22/91)
We're running a "bind" nameserver under Unix for some time now. I'm looking for a way to restrict zone-transfers from nameservers. Put in another way I only want certain hosts in the net to do a complete zone-transfer (namely official "secondary nameservers") - the rest of the nameservers/nslookups out there should be able to query our nameserver for IP-addresses or inverse queries but NOT a complete zone-transfer. Any ideas how I could get that working? Are there any modifications necessary in the "named"-sources? I've already looked at the "assigned numbers" but didn't find a dedicated TCP/UDP port for AXFER queries - seems all nameserver queries run over port 53 (both UDP and TCP). Thanks in advance for any information, Ewald JENISCH NIC-Handle: EJ51 University Computer Center; University of Vienna, Austria E-Mail: z00ejr01@awiuni11.bitnet or z00ejr01@helios.edvz.univie.ac.at Snail-Mail: Universitaetsstrasse 7; A-1010 Vienna, Austria, Europe