Doubt regarding acls and internal and external view.
Leonard Mills
lenm at yahoo.com
Fri May 22 18:06:10 UTC 2015
I think you meant to say: WWW and any other server/service --> zone db.internalOtherfwise have your cogent explanation ready for the executive of your choice complains loudly "Our web site is down!!!! Our customers MUST have reliable access to our site!!!!!"
(Many executives will not think to start a remote browser or use a reliable public service to check eternal DNS answers.)
HTH,Len
On Friday, May 22, 2015 7:47 AM, Elias Pereira <empbilly at gmail.com> wrote:
Hello everyone,
I have a doubt regarding acls and internal and external view.
If I have some servers and among them, one only has access part of the "external (world)" to "internal (my infrastructure)." That would be the site (www). The rest is only internal.
Like that:
www --> zone db.externalany other server/service --> zone db.internal
acl "clients" { localhost; 192.168.1.1/24; 172.16.1.1/24;};
view "internal" { match-clients { clients; }; recursion yes;
zone "internal" { type master; file "/etc/bind/db.internal"; };
};
view "external" { match-clients { any; }; recursion no; additional-from-auth no; additional-from-cache no;
zone "external" { type master; file "/etc/bind/db.external"; };};
Thus I should only put the site in a zone that is in the external view and the other servers on the internal view, would it?
--
Elias Pereira
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150522/74e9d952/attachment.html>
More information about the bind-users
mailing list