named.conf: query-source address

Eugene Grosbein eugen at
Wed Jul 16 16:50:23 UTC 2008


I fully understand and second efforts on educating people
how to configure BIND to be stong to attacks and keep them from using
"query-source address" with "port" option but how about
binding named to particular IP address when host has many of them?
Using "query-source address" without "port" is the only solution
(not speaking of jails here) and safe one? Wouldn't all that hustle
about query-source misinform users about utility of it?

Eugene Grosbein

More information about the freebsd-stable mailing list