0
I am working on a BIND DNS server for DNS forwarding. I noticed that you can create an ACL to have trusted clients on the server. Can I configure the BIND server without an ACL, or is it necessary to use ACLs for the BIND server to function? I would like to use BIND without an ACL, if possible.
Can I do an ACL for specific IP address range? – thecomputerguru – 2019-10-07T19:10:24.950
1
Yes. Please see https://ftp.isc.org/isc/bind9/cur/9.15/doc/arm/Bv9ARM.ch05.html#acl_grammar for the full definition of the
– Patrick Mevzek – 2019-10-07T19:19:26.587acl
keyword grammar and the precise definition of matching address list at https://ftp.isc.org/isc/bind9/cur/9.15/doc/arm/Bv9ARM.ch05.html#address_match_lists. Note the option "an IP prefix (in `/' notation) " among the possible values.Thank you for telling me about this! This was definitely what I was needing to know. Thank you for the advice for security on the BIND server. I'm demoing everything, before I put it in a production environment. – thecomputerguru – 2019-10-07T20:03:12.450