BIND Option: allow-transfer

The option allow-transfer defines a list of addresses that are sequentially checked for the purpose of determine what IP addresses are to be allowed (or denied) the ability to transfer (copy) zone information for a domain.

You may enter the a match list as one would normally enter in a BIND zone file, and as illustrated in the examples below. Specific things to note are as follows:


1. Deny zone transfer to all:
2. Deny zone transfer to all but one IP address:; none;
3. Deny zone transfer to all but SecuritySpace's name servers (useful if you are using us as slaves, but still want to deny zone transfers to everyone else):;;;;; none;
4. Allow one network (with one IP excepted) access:
    !;; none;
The above example will disallow zone transfers to be done for IP address, will allow the remainder of this /24 to perform zone transfers, and everyone else will be disallowed.

5. Allow anyone access: