HP-UX IP Address and Client Management Administrator's Guide (October 2009)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v2 Networking Software

Name-Checking Option

The server checks the domain names based on their expected client contexts. For example, you

can check whether a domain name used as a host name complies with the RFCs that define valid

host names:

check-names (master | slave | response )(warn | fail | ignore);

The server can check names in three areas:

• master – Checks master zone files.

• slave – Checks slave zone files.

• response – Checks the query’s response when the server has initiated the query.

Following are the options available for check-names:

• ignore – No checking is done.

• warn – Names are checked against their expected client contexts. Invalid names are logged,

but processing continues normally.

• fail – Names are checked against their expected client contexts. Invalid names are logged,

and the offending data is rejected.

The default values for the check-names option are:

check-names master fail;

check-names slave warn;

check-names response ignore;

If you specify check-names response fail, the server sends a REFUSED response code to

the client.

You can also specify the check-names option in the zone statement, but this overrides the

options check-names statement. When you specify check-names in a zone statement, the

area is not specified, because it can be deduced from the zone type.

Access Control Options

You can restrict access to the server based on the IP address of the requesting system. Table 1-7

describes the access control options.

Table 1-7 Access Control Options

DescriptionOption

This option specifies the hosts that are allowed to ask simple

questions. You can also specify the allow-query option in the

zone statement, which overrides the options allow-query

statement.

By default, it allows queries from all hosts.

allow-query { address_match_list};

This option specifies the hosts that are allowed to receive zone

transfers from the server. You can also use the allow-transfer

option in the zone statement, which overrides the options

allow-transfer statement. By default, it allows transfers from

all hosts.

allow-transfer { address_match_list};

This option specifies which hosts are allowed to make recursive

queries through the server. If not specified, recursive queries from

all the hosts are allowed.

allow-recursion {

address_match_list};

This option specifies a list of addresses that the server does not

use to resolve a query and from which the server does not accept

any queries.

blackhole { address_match_list};

Interface Options

The interface option is of the following format:

BIND Name Service Overview 35