Stumped re dynamic updates and multiple views
/dev/rob0
rob0 at gmx.co.uk
Wed Aug 3 16:03:25 UTC 2005
Auer Karl James wrote:
> We are considering movinbg to a system where we have one view for
> external users and one view for internal users, maunly because we habve
> LOTS of internal addresses that are presently visible to the outside
> world.
>
> What we want is for external users to be unable to resolve names that
> have private addresses. Internal users should be able to resolve public
> and private addresses.
>
> So far so good - we just set up two views and it's done. But: We use
> DHCP and DDNS for both address spaces. The DHCP servers do our dynamic
> updates. Getting updates for private addresses into the internal view is
> no problem, but how do we get updates for our public addresses into BOTH
This is much like what I was on about recently:
Message-ID: <42D49A68.6050603 at gmx.co.uk>
Date: Tue, 12 Jul 2005 23:36:56 -0500
From: /dev/rob0 <rob0 at gmx.co.uk>
To: bind-users at isc.org
Subject: views and zone overlap
My situation is that I want to have example.net as a dynamic DHCP zone
here at home, and yet still be able to resolve the example.net records
I'm serving to the world.
The difference is that only one of my zones is dynamic.
> I'm hoping there's an obvious solution that I've missed... feel free to
If there is, no one has come forth with it in three threads in the past
month. $INCLUDE was suggested, but that is not workable with dynamic
zones. I think you might have to resort to non-DNS methods. The only DNS
solution I can imagine here is to use a different subzone: example.com
served to the world, private.example.com for your internal records.
Feature request? Some sort of fallback resolution for an authoritative
zone; if NXDOMAIN in the local data, try an external nameserver? Some
way to merge zone data from another [set of] master[s]? Really I don't
know what would be the best approach, just that this is beginning to
look like a FAQ here.
--
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
More information about the bind-users
mailing list