# Bind 9 cannot work in different sub network



## yhq_34 (Jun 21, 2015)

Hi,
I installed BIND9 on my FreeBSD, it works only on same network computers, how can I setup it for another sub network computer?
below is a part of conf:

```
// $FreeBSD: head/dns/bind910/files/named.conf.in 369042 2014-09-23 11:22:40Z mat $
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/local/share/doc/bind for more details.
//
// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works.  Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.

options {
    // All file and path names are relative to the chroot directory,
    // if any, and should be fully qualified.
    directory    "/usr/local/etc/namedb/working";
    pid-file    "/var/run/named/pid";
    dump-file    "/var/dump/named_dump.db";
    statistics-file    "/var/stats/named.stats";

// If named is being used only as a local resolver, this is a safe default.
// For named to be accessible to the network, comment this option, specify
// the proper IP address, or delete this option.


// If you have IPv6 enabled on this system, uncomment this option for
// use as a local resolver.  To give access to the network, specify
// an IPv6 address, or the keyword "any".
//    listen-on-v6    { ::1; };

// These zones are already covered by the empty zones listed below.
// If you remove the related empty zones below, comment these lines out.
    disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
    disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
    disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";

// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.

    forwarders {
        8.8.8.8；    };


// If the 'forwarders' clause is not empty the default is to 'forward first'
// which will fall back to sending a query from your local server if the name
// servers in 'forwarders' do not have the answer.  Alternatively you can
// force your name server to never initiate queries of its own by enabling the
// following line:
//    forward only;
```


----------



## SirDice (Jun 22, 2015)

Post the whole config, the part you posted doesn't show any limitations. So it should just work.


----------



## kpa (Jun 22, 2015)

Look at the allow-query and allow-recursion configuration options:

http://www.zytrax.com/books/dns/ch7/queries.html#allow-query

http://www.zytrax.com/books/dns/ch7/queries.html#allow-recursion


----------

