Netgate Discussion Forum

    Setting up Bind

      robina80

      Hi,

      I have pfSense atm as a DNS forwarder but I'm going to disable that and enable Bind as my DNS server, but a few questions I need to ask beforehand -

      listen-on, I imagine I want to click "listen on all interfaces/ip addresses"

      enable notify, what does this mean?

      hide version?

      and I imagine the rest of the defaults I can leave alone

      thanks

      rob

        Caboosey

        If you turn on DNS to listen on WAN, then you want to hide version as a precaution to avoid targeted attacks. This would make it easier for attackers to figure out what your BIND is vulnerable to, if vulnerable, based on version number.

        I recommend only listening on your internal networks. You don't want to expose your internal zones to the internet and/or get flooded by people using your DNS server.

        Notify is used if your BIND is the primary DNS server and you have slave DNS servers configured in Zone(s). If notify is enabled, it will immediately notify the slave servers when changes occur to the zone(s). This will help keep your DNS servers in sync quicker. You will only need this if you are setting up DNS zones.

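The listen-on and hide-version advice in the reply above can be checked against the `named.conf` that BIND ends up running with. The following is an added example, not code from the thread or from the pfSense BIND package: `audit_options`, both sample configurations and the `192.168.1.0/24` LAN are assumptions made for illustration, and the parsing is a simplified regex pass rather than a full `named.conf` parser.

```python
import ipaddress
import re

# Constructed named.conf fragments for illustration (not from a real firewall).
EXPOSED = """
options {
    directory "/etc/namedb";
    listen-on { any; };        // answers on WAN as well
    notify yes;
};
"""
INTERNAL_ONLY = """
options {
    directory "/etc/namedb";
    listen-on port 53 { 127.0.0.1; 192.168.1.1; };
    version "not disclosed";   /* replaces the real version string */
    notify yes;
};
"""

def audit_options(conf, internal_nets):
    """Return (setting, problem) pairs for listen-on and version in named.conf text."""
    nets = [ipaddress.ip_network(n) for n in internal_nets]
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # drop /* ... */ comments
    conf = re.sub(r"(//|#).*", "", conf)                 # drop // and # comments
    findings = []

    m = re.search(r"\blisten-on(?!-v6)[^{;]*\{([^}]*)\}", conf)
    if m is None:
        # With no listen-on statement BIND binds every IPv4 interface.
        findings.append(("listen-on", "not set, so every interface is used"))
    else:
        for item in filter(None, (i.strip() for i in m.group(1).split(";"))):
            try:
                addr = ipaddress.ip_address(item)
            except ValueError:
                # "any", ACL names and negations cannot be proven internal here.
                findings.append(("listen-on", f"{item!r} is not a literal internal address"))
                continue
            if not addr.is_loopback and not any(addr in n for n in nets):
                findings.append(("listen-on", f"{item} is outside the internal networks"))

    if not re.search(r'\bversion\s+(none|"[^"]*")\s*;', conf):
        findings.append(("version", "not set, so version.bind reveals the BIND release"))
    return findings

if __name__ == "__main__":
    for name, text in (("EXPOSED", EXPOSED), ("INTERNAL_ONLY", INTERNAL_ONLY)):
        print(name, audit_options(text, ["192.168.1.0/24"]))
```

On a running server, `dig @<server-ip> version.bind chaos txt` shows what a client actually receives for the version query.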
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.