HP-UX IP Address and Client Management Administrator's Guide HP-UX 11i v2, HP-UX 11i v3

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software

Following are the options available for check-names:

• ignore – No checking is done.

• warn – Names are checked against their expected client contexts. Invalid names are logged,

but processing continues normally.

• fail – Names are checked against their expected client contexts. Invalid names are logged,

and the offending data is rejected.

The default values for the check-names option are:

check-names master fail; check-names slave warn;

check-names response ignore;

If you specify check-names response fail, the server sends a REFUSED response code to

the client.

You can also specify the check-names option in the zone statement, but this overrides the

options check-names statement. When you specify check-names in a zone statement, the

area is not specified, because it can be deduced from the zone type.

Access Control Options

You can restrict access to the server based on the IP address of the requesting system. Table 1-7

describes the access control options.

Table 1-7 Access Control Options

DescriptionOption

This option specifies the hosts that are allowed to ask simple

questions. You can also specify the allow-query option in the

zone statement, which overrides the options allow-query

statement.

By default, it allows queries from all hosts.

allow-query { address_match_list};

This option specifies the hosts that are allowed to receive zone

transfers from the server. You can also use the allow-transfer

option in the zone statement, which overrides the options

allow-transfer statement. By default, it allows transfers from

all hosts.

allow-transfer { address_match_list};

This option specifies which hosts are allowed to make recursive

queries through the server. If not specified, recursive queries from

all the hosts are allowed.

allow-recursion {

address_match_list};

This option specifies a list of addresses that the server does not

use to resolve a query and from which the server does not accept

any queries.

blackhole { address_match_list};

Interface Options

The interface option is of the following format:

listen-on [port ip_port] {address_match_list};

The listen-on option specifies the interfaces and ports from which the server answers queries.

You can specify an optional port and an address_match_list in the listen-on option. The

server listens on all interfaces allowed by the address_match_list.

If you do not specify a port, port 53 is used. If you do not specify the listen-on option, the

server listens on port 53 on all interfaces. You can specify multiple listen-on statements.

An example listen-on option is as follows:

listen-on { 5.6.7.8; }; listen-on port 1234 { 11.2.3.4; 1.2/16; };

Zone Transfer Options

Table 1-8 describes the zone transfer options.

34 Overview