Sortlist and individual zones

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Thu Jan 29 20:41:46 UTC 2004 

Brian Miller <bmiller at telstra.com.au> wrote:
> Barry Margolin wrote:
>> In article <bv6kd7$747$1 at sf1.isc.org>,
>>  Brian Miller <bmiller at telstra.com.au> wrote:
>>=20
>>=20
>>>I have been asked to look into setting up out companies internal DNS t=
o
>>>return different IP addreesses for a specific RR based upon the locati=
on of
>>>the client (clients in each state get the IP address of a local server=
).
>>>
>>>I can differentate between the clients easily enough based on their ne=
twork,
>>>and it looks like I could do what's needed with the "sortlist" option.
>>=20
>>=20
>> I don't think this will work as you hope.  Clients don't generally que=
ry=20
>> authoritative nameservers directly, they query their local caching=20
>> nameserver, and the caching server recurses to contact the authoritati=
ve=20
>> servers.  Unless the caching server's admnistrator has overridden the=20
>> default settings, it will perform its own round-robin rotation of the=20
>> addresses, losing the ordering that you set up with sortlist.
>>=20
>> What you need to use is views.  You'd need a different version of the=20
>> zone file for each block of addresses, containing just the server for=20
>> that area.
>>=20

> Thanks for that.

> I know that views is a BIND 9 feature that will do as I want, but how
> will the authorative name server know the IP address of the client if=20
> they have gone via an intermediate cache server? Is this passed in the=20
> refered request from the caching server to the actual master? I had a=20
> quick look at a few refered requests with Ethereal and didn't see the=20
> clients IP address in the request.

The authorative name server will see the address of the intermediate cach=
e server
and sort the respons in accordiance with your demands.=20
But the cache server will reply in accordiance with it's own rules,
and will also cache the RR and respond to the next client with the
cached values(and in this case the authorative name server will not
even be aware about it.

> Brian Miller



--=20
Peter H=E5kanson        =20
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out=
,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

More information about the bind-users mailing list