How to restrict who can use my DNS Server

  • Thread starter Thread starter John
  • Start date Start date
J

John

Hi all:

I am fairly sure that this question has been asked many times but here
goes:

I have a Windows 2000 Server running DNS.

I want to configure it so that it only allow my own IP block to use
it, essentially, sorta like Bind "allow-query" statement. Others can
use it to query only domains that I host.

Is there such a thing in the Microsoft DNS World?

Thank you.

-J.
 
In
John said:
Hi all:

I am fairly sure that this question has been asked many times but here
goes:

I have a Windows 2000 Server running DNS.

I want to configure it so that it only allow my own IP block to use
it, essentially, sorta like Bind "allow-query" statement. Others can
use it to query only domains that I host.

Is there such a thing in the Microsoft DNS World?

Thank you.

-J.
Click to expand...

Unfortunately, no, not yet. In such a scenario where one would host
internal private and external public data and restrict views accordingly, I
would rather have two separate servers anyway.

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Infinite Diversities in Infinite Combinations
 
John said:
Hi all:

I am fairly sure that this question has been asked many times but here
goes:

I have a Windows 2000 Server running DNS.

I want to configure it so that it only allow my own IP block to use
it, essentially, sorta like Bind "allow-query" statement. Others can
use it to query only domains that I host.

Is there such a thing in the Microsoft DNS World?
Click to expand...

No. You either let them query it fully or you block them
with something like IPSec (or RRAS) filters completely.

BTW: This is one of the several reasons the same DNS
server should NOT be used for your internal resolution and
also for external users.

In fact, in general, your PUBLIC DNS zones should generally
be hosted at the REGISTRAR (especially if you are needing
to double up servers like this.)
 
Back
Top