Resolve only authoritative domain for internet/public addresses
Jukka Pakkanen
jukka.pakkanen at qnet.fi
Sun Jul 8 08:32:48 UTC 2012
Why not just:
acl "X" {A; B, C; ...; };
options {
...
allow-query { "any"; };
allow-recursion { "X"; };
...};
Jukka
8.7.2012 11:24, Phil Mayers kirjoitti:
> On 07/08/2012 07:15 AM, Mr BeEye wrote:
>> Hello all.
>>
>> Let's have a finite list of IPv4 (private and public) addresses, e.g.
>> {A, B, C, ... N}.
>>
>> It is possible to configure BIND in the way:
>> 1) BIND resolves EVERYTHING for {A, B, C, ... N}.
>> 2) BIND resolves ONLY its authoritative domain for internet excluding
>> {A, B, C, ..., N}.
>>
>
> Yes. Use a view:
>
> view internal {
> match-clients { a; b; c; ... n; };
> recursion yes;
> zone ... {
> }:
> };
>
> view external {
> zone ... {
> };
> };
>
> However, views are tedious in many ways. You need a copy of your
> authoritative zones in each view, and have to arrange the AXFR/NOTIFY
> to go to the right place. It's much easier IMO to run two different
> copies of bind on two different IPs (or machines).
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list