Re: The "not long discussion" thread....

• From: Steve Sobol
• Date: Tue Apr 26 21:01:36 2005

Jerry Pasker wrote:

Steve Sobol replied with:

I'm not going to enter into a long discussion with you. :)

I'm just curious why you didn't restrict AXFR to certain IPs instead.

And I'm posting back to NANOG:

I did.

And I had router ACLs doing the same thing. Allow to hosts that needed it, deny for everyone else. And I did this to ALL my DNS servers.

What were the router ACLs doing that the DNS server ACLs weren't/couldn't?



--
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [email protected] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"
    --New Order, "Bizarre Love Triangle"

• Follow-Ups:
  • Re: The "not long discussion" thread.... Jerry Pasker
  • Re: The "not long discussion" thread.... Christopher L. Morrow

• References:
  • Problems with NS*.worldnic.com Greg Schwimer
  • Re: Problems with NS*.worldnic.com Randy Bush
  • Re: Problems with NS*.worldnic.com Jerry Pasker
  • The "not long discussion" thread.... Jerry Pasker

• Prev by Date: NPR program: "The Internet as a public utility"
• Next by Date: FCC Chief Wants 911 Service for Internet Phones
• Date Index
• Thread Index
• Author Index
• Historical