[CentOS] How to enable bind to listen querys from all my network

Miguel A. Velasco miguel.suscripcion at gmail.com
Thu Aug 28 11:35:06 UTC 2008


Lorenzo Quatrini escribió:
> Hi Miguel,
> you have to edit the allow-query line to allow queries from other host (I have
> any there, not localhost) I'm not sure about the syntax but I guess you could
> try to put 10.10.80.* or 10.10.80.0/24 there to allow queries from you network
> 
> Also remove "10.10.80.0;" from listen-on port as it isn't needed (here you can
> specify addresses if your server is multi-homed and you want it to listen only
> on some interfaces)

Hi all, thanks for your help.
Your answer Lorenzo sent me to investigate (through Google) in an 
different way. The result has been as follow:
cat /etc/named.conf:

options {
         listen-on port 53 { 127.0.0.1; any; };
         listen-on-v6 port 53 { ::1; };
         directory       "/var/named";
         dump-file       "/var/named/data/cache_dump.db";
         statistics-file "/var/named/data/named_stats.txt";
         memstatistics-file "/var/named/data/named_mem_stats.txt";
         allow-query     { any ; };
         forwarders { 195.235.113.3; 195.235.96.90; };
         forward only;
};
logging {
         channel default_debug {
                 file "data/named.run";
                 severity dynamic;
         };
};
view localhost_resolver {
         match-clients      { localhost; any; };
         match-destinations { localhost; };
         recursion yes;
         include "/etc/named.rfc1912.zones";
};

I´ve jus changed:
	listen-on port 53 { 127.0.0.1; any; };
	match-clients      { localhost; any; };
And It works porperly in all the clients!

I´ve also tried to define an acl and define these paramas as follor:

	acl "my_company" { 127.0.0.1; 10.10.80.0/24; };
	............................
	listen-on port 53 { 127.0.0.1; my_companya; };
	............................
	match-clients      { localhost; my_company; };

An it also works with more security.

Thanks very much for your help!
Miguel A. Velasco


More information about the CentOS mailing list