View cause NXDOMAIN ERROR (bind 9.x)

[Barry Margolin]

In article <a1n2r8$4sr at pub3.rc.vix.com>,
Jason Bowsher <jason.bowsher at mail.com> wrote:
>Hello
>
>I am trying to setup Bind 9.2.0 on Redhat 7.1 to use views for split DNS.  I
>am able to get authorative answers for dig lookups on reverse 127.0.0.0/24
>addresses but not on 10.10.1.0/24 when I create bind 9 views.  Authorative
>answers are obtained for all zone when not created as views.
>
>Can anyone please suggest what is wrong with my configuration.
....
>below is my named.conf for these reverse zones
>
>view "external-127" {
>match-clients { any; };
>zone "0.0.127.in-addr.arpa" {
>type master;
>file "pz/0.0.127.in-addr.arpa";
>file://allow-update { none; };
>};
>};
>
>
>view "internal-10.10.1" {
>match-clients { any; };
>zone "1.10.10.in-addr.arpa" {
>type master;
>file "pz/1.10.10.in-addr.arpa";
>file://allow-update { none; };
>};
>};

You have two views that match the same set of clients.  BIND will use the
first view that matches the client address, which is external-127.  That
view doesn't contain the 1.10.10.in-addr.arpa zone, so the server won't
answer authoritatively for that zone.

In other words, you should organize your views based on the clients, not
the zones.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.