
3.10 Protecting a Slave Name Server from Abuse

3.10.1 Problem

You want to protect a slave name server from abuse by the maintainers of the zone.

3.10.2 Solution

Use the BIND 9 min-refresh-time, min-retry-time, max-transfer-time-in, max-transfer-idle-in, and additional-from-auth substatements.

min-refresh-time and min-retry-time guard against the zone's administrator setting the zone's refresh or retry interval too low, whether accidentally or deliberately. For example:

zone "bar.example" {
    type slave;
    masters { 192.168.0.199; };
    file "bak.bar.example";
    min-refresh-time 3600;    // 1 hour minimum refresh
};

max-transfer-time-in and max-transfer-idle-in allow you to specify how long the name server will wait for a transfer of the zone to complete, and how long it will wait while the transfer is idle (i.e., isn't making progress). For example:

options {
    directory "/var/named";
    max-transfer-time-in 1800;    // max transfer time 30 minutes
    max-transfer-idle-in 900;     // max transfer idle 15 minutes
};

Finally, to keep the name server from adding records that come from slave zones to the additional data section of responses, use the additional-from-auth options substatement:

options {
    directory "/var/named";
    additional-from-auth no;
};

3.10.3 Discussion

You can use min-refresh-time and min-retry-time as options substatements or as zone substatements. As a zone substatement, the limit applies only to that zone. As an options substatement, the limit applies to every zone that doesn't set an explicit limit of its own.
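The following named.conf fragment is an added example, not taken from the book or from BIND's own documentation. It combines the substatements above into one configuration so the precedence rule is visible: options-level floors act as the default for every slave zone, and a zone-level substatement overrides them for that zone alone. The second zone, "baz.example", its master address 192.168.0.200, and the specific interval values are assumptions chosen for illustration.

```conf
options {
    directory "/var/named";

    // Floors for every slave zone that does not set its own:
    // a master advertising a smaller SOA refresh or retry is
    // clamped to these values on this server.
    min-refresh-time 1800;        // 30 minutes
    min-retry-time 600;           // 10 minutes

    // Bound how long an inbound zone transfer may run, and how
    // long it may sit idle, before the server gives up on it.
    max-transfer-time-in 1800;    // 30 minutes
    max-transfer-idle-in 900;     // 15 minutes

    // Do not pull additional-section records from authoritative
    // (including slave) zones when answering.
    additional-from-auth no;
};

zone "bar.example" {
    type slave;
    masters { 192.168.0.199; };
    file "bak.bar.example";

    // Zone-level override: stricter floors for this zone only.
    min-refresh-time 3600;        // 1 hour
    min-retry-time 900;           // 15 minutes
};

zone "baz.example" {                // assumed zone for illustration
    type slave;
    masters { 192.168.0.200; };     // assumed master address
    file "bak.baz.example";

    // No floors set here, so the options-level values
    // (1800 and 600) apply to this zone.
};
```

After editing, check the file with named-checkconf before reloading; a misplaced brace such as the missing one in an options block will be reported there rather than failing at runtime.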

3.10.4 See Also

Section 1.17 for instructions on configuring a name server as a slave for a zone and "Zone Transfers" in Chapter 10 of DNS and BIND.
