[nsd-users] deny query per zone?

A. Schulze sca at andreasschulze.de
Thu May 4 09:46:40 UTC 2017


running a root zone mirror like described in RFC 7706 explicit require  
the service is limited
to run on loopback addresses.
To use an already existing nsd instance it would be valuable if I  
could limit queries for a zone
by client ip. I didn't found any configuration setting to achieve such  

Would the developer/other users consider such a feature valuable as well or
do you suggest to really run a separate instance of nsd with an  
explicit limitation "listen only on loopback"?

see "man 5 nsd.conf", section "Zone Options".
I search for something like "allow-query: <ip-spec>" or  
"provide-query: <ip-spec>"


More information about the nsd-users mailing list