BIND sortlist Question
Merton Campbell Crockett
m.c.crockett at roadrunner.com
Tue Oct 21 03:36:16 UTC 2008
I've found that the "sortlist" global option could solve several
issues with the Windows "stub resolver", VLANs, and our DMVPN WAN
implementation. We would like to have a standard named.conf file that
could be used at all sites. Below is an example of a "standard"
sortlist.
sortlist {
{ "campus_net"; { "ad_dc_net"; "campus_net"; "enclave_net" ;
"access_net"; }; };
{ "enclave_net"; { "enclave_net"; "campus_net"; "access_net"; };
{ "access_net"; { "access_net"; "campus_net" ; "enclave_net"; };
};
All sites have an "ad_dc_net" that defines where the preferred Windows
AD domain controllers for the site are located. The "access_net"
defines the networks used for the network infrastructure, i.e. DMVPN
routers, firewalls, etc. The "campus_net" defines the networks used
on the campus. The "enclave_net" defines networks used to support
engineering enclaves that are segregated from the corporate network.
The above sortlist works fine at our engineering sites as they will
have, at least, one engineering enclave. Unfortunately, we have a
number of sites where no unclassified development is being done.
If I used the following acl in the site specific include file, would
there be a problem with the above sortlist?
acl "enclave_net" { none; };
Merton Campbell Crockett
m.c.crockett at roadrunner.com
More information about the bind-users
mailing list