13 Oct
2010
13 Oct
'10
8:57 p.m.
Hi Michael,
On Wed, Oct 13, 2010 at 04:52:05PM -0400, Michael Corliss wrote:
Will adding the following to the zone record allow
AXFR? or can I replace
allow-transfer with allow-axfr and leave off the provide-ixfr line?
allow-transfer {
127.0.0.1;
212.13.194.70;
209.237.247.198;
209.20.91.73;
};
You're right, it's -transfer not -axfr.
provide-ixfr no ;
ixfr generally only works with zones that are updated using dynamic
updates, rather than by editing zone files, so there isn't going to
be any advantage to turning that on.
I noticed that some of the nameservers have the same
IPs as the old ones;
would a request for ilovephilosophy.com sent to ns0.lon.bitfolk.com be
successfully delivered through a.authns.bitfolk.com during the interim
until my registrar updates the nameservers for ilovephilosophy.com?
Yes, as long as the packets end up at the correct IP address it's
fine.
and will the following input and output rules in
iptables suffice to
allow zone transfers:
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
Should do.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting