I specify subject: split view, match-recursive-only, non-authoritative answer from master
Chris Buxton
chris.p.buxton at gmail.com
Wed Dec 21 16:40:46 UTC 2011
No, that's not correct. You can use TSIG keys to differentiate between views, without using separate interfaces. However, this will not solve the problem -- removing match-recursive-only will solve the problem.
Regards,
Chris Buxton
BlueCat Networks
On Dec 21, 2011, at 2:23 AM, Gelo wrote:
> Hi,
>
> Maybe this can help you.
>
> First you need two network interfaces with diferent ip.
>
> At the internal view declaration add transfer-source 192.168.11.x; ( has to be different from your public/external)
>
> In the zone statement, you must specify the private IP address of your slaves, at allow-transfer clause
>
> I hope you worth something.
>
>
> regards.
> Gelo
>
> 2011/12/21 Konstantin V. Krotov <kkv at insysnet.ru>
> 21.12.2011 13:54, Konstantin V. Krotov пишет:
> Hello, list!
> I have split view on my name-servers (master and slave), for internal
> and external clients i have zone with similar names, but different content.
> Part of config named.conf on master:
>
> view "internal" {
> match-clients { myclients; };
> recursion yes;
> match-recursive-only yes;
> allow-recursion { myclients; };
> ...
> zone "10.168.192.in-addr.arpa" {
> type master;
> file "10.168.192.in-addr.arpa.db";
> allow-transfer {transfer_acl;};
> allow-update {none;};
> };
> ...
> }
>
> view "external" {
> match-clients { "any"; };
> recursion no;
> ...
> [here descriptions of zone]
> }
>
> Well, then i have "match-recursive-only yes" directive in "internal"
> view, slave name-server report: "zone
> 10.168.192.in-addr.arpa/IN/internal: refresh: non-authoritative answer
> from master xx.xx.136.2#53 (source xx.xx.140.26#0). If
> match-recursive-only no, zone transfer to slave all right. There i have
> wrong? Thx.
>
>
> --
> WBR, Konstantin V. Krotov
> CJSs "Information Systems"
> mailto: kkv at insysnet.ru
> phone: +7 (8332) 51-35-95
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20111221/77c43a0d/attachment.html>
More information about the bind-users
mailing list