BIND Refusing to Resolve for External Hosts

[Matthew Seaman]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/07/2010 15:05:37, Chris Maness wrote:
> Can a sub block of IP address space be used, and if so, what is the
> wild card?

Yes.  You can use lists of IPs or address-and-mask in BIND ACLs.  See:

http://www.isc.org/files/arm96.html#address_match_lists

and

http://www.isc.org/files/arm96.html#id2553419

So, for example, I use this in my own BIND configuration:

acl public-nets {
    127.0.0.1;
    ::1;
    81.187.76.160/29;
    81.187.220.164;
    2001:8b0:151:1::/64;
};

	Cheers,

	Matthew


- -- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matthew at infracaninophile.co.uk               Kent, CT11 9PW
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkwspz4ACgkQ8Mjk52CukIwe+ACfUD9llW6qoIhgNRGYr63gYU87
geAAmwcYudxH5G6YHiYLTmZGlveTOB+6
=ltc+
-----END PGP SIGNATURE-----