My ISP gave me a range for their Dns servers as they do not have a specific one that I can notify. For instance if is use a specific ip address in the range, this server might not come for the zone file for months. My question now is how do I set up my Primary DNS server to perform zone transfer to these range of IP addresses (My ISP DNS secondary servers). Don't forget my DNS server is using the public IP address as a matter of fact it is co-located with ISP.
Thanks. -----Original Message----- From: Leonard Lee [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 07, 2002 3:40 PM To: NT 2000 Discussions Subject: RE: DNS Suggestion for securing DNS (and other private systems): * Securing your DNS and other systems from the internet by using Firewall (aka BASTION host). * Make sure your DNS server is set up with a non-internet IP address. * For critical security requirement, you can setup all your internal servers/workstations to use IPsec only (I believe that's the HISECURE template) * OPtionality today (but mandatory in another two years), setup Intrusion Detection Systems: Network and Host based. * Setup the Primary DNS server to perform zone transfer to only known DNS secondary servers. Improving DNS performance: * If the bottleneck is network, then you will need to get a larger network card. * If the bottleneck is CPU, then you will need to buy more CPU or new system. * If the DNS server is slow because of RAM, then you will need to buy more RAM. * You can configure additional DNS servers: add a secondary or a PROXY DNS. cheers, Leonard Lee -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Emmanuel Adebayo Sent: Tuesday, May 07, 2002 9:10 AM To: NT 2000 Discussions Subject: DNS Dear all, How do I protect my DNS Server from the internet and allow only the secondary server to contact my DNS server. I was trying to use Notifying list and only allow access from secondaries included in the notifying list, but my ISP has a range of IP address as there DNS servers, meaning that if I set only allow access option, the particular server may not come to pick my updated zone file. What do I do as there are to much traffic to my DNS server? Rgds. Emmanuel ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
