Resolve only authoritative domain for internet/public addresses
Phil Mayers
p.mayers at imperial.ac.uk
Sun Jul 8 08:24:22 UTC 2012
On 07/08/2012 07:15 AM, Mr BeEye wrote:
> Hello all.
>
> Let's have a finite list of IPv4 (private and public) addresses, e.g.
> {A, B, C, ... N}.
>
> It is possible to configure BIND in the way:
> 1) BIND resolves EVERYTHING for {A, B, C, ... N}.
> 2) BIND resolves ONLY its authoritative domain for internet excluding
> {A, B, C, ..., N}.
>
Yes. Use a view:
view internal {
match-clients { a; b; c; ... n; };
recursion yes;
zone ... {
}:
};
view external {
zone ... {
};
};
However, views are tedious in many ways. You need a copy of your
authoritative zones in each view, and have to arrange the AXFR/NOTIFY to
go to the right place. It's much easier IMO to run two different copies
of bind on two different IPs (or machines).
More information about the bind-users
mailing list