question about include syntax in /etc/named.conf

Jim Reid jim at rfc1035.com
Mon Jul 5 15:22:03 UTC 2004


>>>>> "John" == John Ho <magiciq at noordbrabant.net> writes:

    John> Hi all, My platform is HP-UX 11i + BIND 9.2.0. I have two
    John> views (acl) in the /etc/named.conf.

The current release of BIND9 is 9.2.3. Upgrade.

    John> Every time I have to do twice editing in that file if I have
    John> to add a zone in it.

That's correct. Every zone file inside view{} statements is an
independent, autonomous entity. [If not, there would be just one zone
file for a given zone because its contents didn't change between
views. So why deploy views in that case?] Since the zone files are
supposed to be independently managed, this means you may have to
update multiple copies of the zone, one per view, whenever the zone's
contents change. If this repetition is a problem, store the zone data
in some sort of metafile and use that to generate the zone files. But
always keep the zone files separate and don't make them dependent on
sharing data using $INCLUDE directives. Unless you want to have
painful DNS administration that nobody can understand.

    John> I heard you can decrease your work by using "include" syntax?

That's not correct. It can be done. But it makes for dreadful
administration and maintenance problems in the long run. Sharing
fragments of zone files with $INCLUDE directives is a recipe for
trouble. You wouldn't do this for noordbrabant.net and noordbrabant.nl,
would you? So why do it for the internal and external views of say
noordbrabant.net?

I would also STRONGLY advise you to get rid of these forwarding setups
you showed. These are an even bigger disaster waiting to happen. Consult
the list archives for details.
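
One way to follow the metafile suggestion in the reply above, as an added example that is not part of the original post: a single constructed record list tagged by view is rendered into two standalone zone files with no $INCLUDE, and the external zone is checked for RFC 1918 addresses before anything is written. The zone name, records, view names and function names are all assumptions made for illustration.

```python
import ipaddress

# Constructed sample metafile: one record list, each record tagged with the
# views it is published in. Zone name and addresses are illustrative only.
ZONE = "example.net."
SOA = "ns1.example.net. hostmaster.example.net. {serial} 3600 900 604800 3600"
RECORDS = [
    ("@",    "NS", "ns1.example.net.", {"internal", "external"}),
    ("ns1",  "A",  "192.0.2.53",       {"internal", "external"}),
    ("www",  "A",  "192.0.2.80",       {"external"}),
    ("www",  "A",  "10.1.0.80",        {"internal"}),
    ("fs01", "A",  "10.1.0.20",        {"internal"}),
]
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def render_zone(view, serial, records=RECORDS):
    """Return a complete, standalone zone file for one view (no $INCLUDE)."""
    lines = [f"$ORIGIN {ZONE}", "$TTL 3600",
             f"@ IN SOA {SOA.format(serial=serial)}"]
    for name, rtype, rdata, views in records:
        if view in views:
            lines.append(f"{name} IN {rtype} {rdata}")
    return "\n".join(lines) + "\n"

def private_leaks(zone_text):
    """List (owner, address) for A records that carry RFC 1918 addresses."""
    leaks = []
    for line in zone_text.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[2] == "A":
            addr = ipaddress.ip_address(fields[3])
            if any(addr in net for net in RFC1918):
                leaks.append((fields[0], fields[3]))
    return leaks

def build(serial, out_dir=None):
    """Render both views; refuse to emit an external zone with private data."""
    zones = {v: render_zone(v, serial) for v in ("internal", "external")}
    leaks = private_leaks(zones["external"])
    if leaks:
        raise ValueError(f"private addresses in external view: {leaks}")
    if out_dir is not None:
        for view, text in zones.items():
            # One independent file per view, e.g. example.net.internal
            with open(f"{out_dir}/{ZONE}{view}", "w") as fh:
                fh.write(text)
    return zones
```

Each view's zone statement in named.conf would then point at its own generated file, so the two copies stay independent on disk while being edited in one place.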



More information about the bind-users mailing list