1. Home
  2. pfSense Packages
  3. Setting up Bind

Setting up Bind

  • R

    hi,

    i have pfsense atm as a DNS forwarder but im going to disable that and enable Bind as my DNS server but a few questions i need to ask before hand -

    listen-on, i imagine i want to click "listen on all interfaces/ip addresses"

    enable notify, what does this mean?

    hide version?

    and i imagine the rest of the defaults i can leave alone

    thanks

    rob

    0
  • C

    If you turn on DNS to listen on WAN, then you want to hide version as precaution to avoid targeted attacks. This would make it easier for attackers to figure out what your BIND is vulnerable to if vulnerable based on version number.

    I recommend only listen on your internal networks. You don't want to expose your internal zones to the internet and/or get flooded by people using your DNS server.

    Notify is used if your BIND is the primary DNS server and you have slave DNS servers configured in Zone(s). If notify is enabled, it will immediately notify the slave servers when changes occur to the zone(s). This will help keep your DNS servers in sync quicker. You will only need this if you are setting up DNS zones.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy