LinuxQuestions.org - BIND 9.2.3 doesn't accept ACL's in forwarders statement?

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - BIND 9.2.3 doesn't accept ACL's in forwarders statement? (https://www.linuxquestions.org/questions/linux-networking-3/bind-9-2-3-doesnt-accept-acls-in-forwarders-statement-181773/)

BIND 9.2.3 doesn't accept ACL's in forwarders statement?

Well, the subject pretty much asks the question. I've an access control list statement that defines my internet service providers nameservers, but named spits out an error on rndc reload. Is there something wrong with my configuration (I've reviewed it quite a few times by now), or is this just a "feature" of named?

I'd like to have it configured with an ACL, so it would be easier to read out the nameservers in a script. It's beyond my scripting skills to read the forwarders statement from *just* the options block...

/etc/named.conf

Code:

acl nameservers { xxx.xxx.x.x; xxx.xxx.x.xx; };



*snip*



options {

  *snip*

  forward only;

  forwarders { nameservers; };

  *snip*

}

/var/log/messages

Code:

May 15 19:31:38 lucifer named[2195]: loading configuration from '/etc/named.conf'

May 15 19:31:38 lcf named[2195]: /etc/named.conf:40: expected IP address near 'nameservers'

May 15 19:31:38 lcf named[2195]: reloading configuration failed: unexpected token

Regards,
Edaph

ACLs don't seem to be valid for use in the forwarders context. In my DNS & BIND book (only valid up through 8.x.x, but should be fairly accurate for 9.x.x) it lists the syntax for forwarders as { in_addr ; } while other statements such as allow-query have { address_match_list ; }, so they take different types of arguments, although they will both use IPs.