From owner-freebsd-questions@FreeBSD.ORG Sat Sep 28 21:14:13 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 0627DC94 for ; Sat, 28 Sep 2013 21:14:13 +0000 (UTC) (envelope-from dan@buildingonline.com) Received: from alisocreek.buildingonline.net (alisocreek.buildingonline.net [204.109.62.198]) by mx1.freebsd.org (Postfix) with ESMTP id D046D2314 for ; Sat, 28 Sep 2013 21:14:11 +0000 (UTC) Received: by alisocreek.buildingonline.net (Postfix, from userid 58) id 03944BCA365; Sat, 28 Sep 2013 14:05:35 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on alisocreek.buildingonline.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.3.2 Received: from [192.168.1.247] (unknown [206.127.77.66]) (Authenticated sender: dan@dpcsys.com) by alisocreek.buildingonline.net (Postfix) with ESMTPA id A7354BC9E02; Sat, 28 Sep 2013 14:05:33 -0700 (PDT) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\)) Subject: Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53 From: Busarow Dan In-Reply-To: <52473AE5.6050002@laposte.net> Date: Sat, 28 Sep 2013 15:05:33 -0600 Content-Transfer-Encoding: quoted-printable Message-Id: <35A6D3B1-EC90-4D28-B1A0-651E4F8326FC@buildingonline.com> References: <5245CC59.5060204@laposte.net> <524600CF.3040609@fjl.co.uk> <13463C66-C15D-48E0-B926-CA0BF6580CAD@elde.net> <524610BE.4020904@fjl.co.uk> <5246DEB3.7090002@fjl.co.uk> <52470EE1.5060004@laposte.net> <201309281528140924.0128A336@smtp.24cl.home> <52473AE5.6050002@laposte.net> To: Laurent SALIN X-Mailer: Apple Mail (2.1510) Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Sep 2013 21:14:13 -0000 On Sep 28, 2013, at 2:24 PM, Laurent SALIN = wrote: > Le 28.09.2013 21:28, Mike. a =E9crit : >> The way I solved this problem on my setup, I assigned another IP >> address to the network interface via ifconfig alias. >>=20 >> I put the authoritative namesever on one IP address, and the >> recursive nameserver on the other IP address. >>=20 >> They both are still listening on port 53, but on different IP >> addresses. >=20 > hi, > If I could it would be just fine. > I got only one public IPv4 with each VPS. I've got a IPv6 too but I'm > not easy with IPv6 yet. >=20 > The provider (Tilaa) where I rent one of the 2 VPS, the one who may = need > 2 IPv4, is a bit short about his range of IPv4 and I guess it's not > raisonable to ask for a second IPv4 just for my personal use in case = of > studying *BSD and networking stuff, I don't have a professional use = here. You only need to run one name server. It is both authoritative and = recursive by default. To limit recursion to only your own IP address = space add the following option in named.conf options { allow-recursion { 192.168.1.0/24; 127.0.0.1; }; }; Change the address space to suit. Make sure you include localhost. And after an rndc reload only your internal network will be able to make = recursive requests. Dan >=20 > Thanks. >=20 > Laurent SALIN > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org"