BIND 9 views and forwarding

[Kevin Darcy]

Dan Astoorian wrote:

>I'm trying to set up views which are identical except for a handful of
>records.
>
>With BIND 9.2.1, is it valid for a "view" statement to have a
>forwarders{} statement which forwards queries to a different view on the
>same server?  E.g.:
>
>    view "foo" {
>	match-clients { 10.10.10.0/24; };
>	zone "special.example.com" {
>	    type master;
>	    file "/zones/db.special";
>	};
>	forward only;
>	forwarders { 127.0.0.1; };
>    };
>    view "default" {
>	match-clients { any; };
>	zone "example.com" {
>	    type slave;
>	    file "/cache/example";
>	};
>	// etc.
>    };
>
>The zone "special.example.com" contains only an A record (plus the SOA
>and NS records required for the delegation); a lookup from 10.10.10.0/24
>should return the A record in that file, but from elsewhere it should
>return the A record from the parent zone fetched from the authoritative
>server.  I try to accomplish this by forwarding the query to an address
>which matches the default view.
>
>I'm considering doing this so that I don't have to repeat all of the
>slave zones inside each view with distinct "file" arguments for every
>single view.
>
>Is this approach legitimate, or might BIND run into problems forwarding
>queries to itself like this?  
>
Did you try it? Did it work? Were there any problems?

>(Is there a more conventional solution to
>this problem that doesn't require duplicate copies of all the slave zone
>cache files?)
>
Not that I'm aware of. I'm not sure why you'd need duplicate copies of 
slave files though -- if those zones are properly delegated you should 
be able to resolve anything in them without being a slave for them 
(assuming that you have recursion enabled for the internal view).

                                                                        
                                        - Kevin