CentOS - Jun 2010 - BIND: listen-on and allow-recursion

Hi,

I'm currently trying to get a grasp on DNS and Bind. I admit the 
documentation is quite confusing, either too laconic or way too 
detailed. So I'm trying to start from a working example, and then bite 
my way through it.

I have a sample named.conf file from Carla Schroder's Linux Cookbook. In 
the opening global options, I have this :

listen-on {
	127.0.0.1;
	10.11.12.1;
};
allow-recursion {
	127.0.0.0/8;
	10.11.12.0/24;
};

As far as I understand, the purpose of these two stanzas is to limit 
access to the DNS server to 1) the server itself and 2) the local 
10.11.12.0/24 network. In that case, there seems to be some redundancy 
in the syntax. Correct me if I'm wrong.

Can someone please explain (in plain words) the exact meaning of these 
stanzas ?

Thanks,

Niki

From: Niki Kovacs <contact at kikinovak.net>
> listen-on
> allow-recursion
> As far as I understand, the purpose of these two stanzas is to limit 
> access to the DNS server to 1) the server itself and 2) the local 
> 10.11.12.0/24 network. In that case, there seems to be some redundancy 
> in the syntax. Correct me if I'm wrong.
listen-on : the daemon will listen on these IPs for any dns queries
allow-recursion : IPs allowed to issue recursive queries
http://www.zytrax.com/books/dns/

JD