Different Results for Different Subnets

Andris Kalnozols andris at spica.hpl.hp.com
Tue Jul 24 23:01:27 UTC 2001 

> >  At 8:15 AM -0700 7/24/01, Roger Clark wrote:
> >
> >  I cannot think of anyway of doing this, but I thought I would ask.  Is
> >  it possible to setup a host name so that a certain address range gets
> >  one IP address and a different address range gets another?  For
> >  example: query host.example.com from address range 192.168.1.10 to
> >  192.168.1.100 returns 192.168.1.1 but query host.example.com from
> >  192.168.1.101 to 192.168.200 returns 192.168.1.2.
> 
> Brad Knowles <brad.knowles at skynet.be> wrote:
>
> 	Sure.  Use the "views" mechanism in BIND 9.  You can read more 
> about this at <http://sysadmin.oreilly.com/news/views_0501.html>, but 
> you really should buy the 4th edition of the book _DNS and BIND_ by 
> Paul Albitz & Cricket Liu (published by O'Reilly & Assoc.).

Another way which may be sufficient for your needs is to assign
'host.example.com' multiple IP addresses and implement a sortlist, e.g.,

  host.example.com.     A     192.168.1.1      ; on net 192.168.1.0/31
                        A     192.168.1.2      ; on net 192.168.1.2/31

In your configuration file:

  options {
           ...
           sortlist { {192.168.1.0/25;   192.168.1.0/31;};
                      {192.168.1.128/25; 192.168.1.2/31;};
           };

Queries with a source IP of 192.168.1.[0-127] will get an answer
that has 192.168.1.1 always appearing first.  Queries from the
source IP range of 192.168.1.[128-255] will get 192.168.1.2 as
the first answer.

However, this method has the following limitations:

  1. Every nameserver which may be queried by a client resolver
     for which you want to manage the response *must* implement
     the desired sortlist.  If someone decides to run their own
     caching nameserver without your sortlist, they'll get random
     results.  Views are not subject to this kind or entropy.

  2. For every domain name for which you want a selective response,
     you'll have to assign it multiple IP addresses on the appropriate
     networks.  With the "views" mechanism the task is one IP address
     per view so this aspect of IP management can be considered a wash.

  3. You may have multi-address domain names for which you want
     IP addresses returned in random order as a load-balancing
     mechanism.  This will be defeated if the sortlist criteria
     is matched.  In BIND 8, you can specify per-domain name/RRtype
     ordering as an override with the 'rrset-order' configuration
     option.  However, this is yet another specific configuration
     that must be present on every nameserver as in #1 above.

  4. Although sorted, every one of these custom responses has two
     or more IP addresses.  If you do not want the possibility of
     client software caching or falling back to one of the secondary
     addresses, then you must use views instead.

HTH,

Andris Kalnozols
Hewlett-Packard Laboratories
andris at hpl.hp.com

More information about the bind-users mailing list