Views and recursion

Tue Oct 5 20:07:43 UTC 2004

The config below should disable recursion for the 'external' view. 
A couple of things I would look closely at are:

1.  Are you sure this is the named.conf file that named is using.  I 
notice that you are running a chroot environment.  Check to make sure that 
the file below is in the right place.

2.  Are you sure that the client used to test the external view is 
presenting itself to the name server from an IP address that is *not* in 
the 192.168/16 address space?

3.  Does named pull any errors when you restart named?

4.  Does this file pass named-checkconf?

hth,

Dave...

bind-users-bounce at isc.org wrote on 10/05/2004 02:32:59 PM:

> Hey,
> 
> On Tue, Oct 05, 2004 at 10:14:00AM -0400, David Botham wrote:
> > Yes.  Post your actual config so we can help you.
> 
> Okay here goes:
> 
> acl "internal" { 192.168/16; };
> 
> /* Global options */
> options {
>         directory "/var/chroot/named/etc/namedb/";
>    version "Guess";
>    recursion no;
>    recursive-clients 100;
> };
> 

[cliped key and logging statements that should not effect us... but, 
thanks for posting them for completeness]

> 
> /* My views */
> 
> view "internal" {
> 
>    match-clients { "internal"; };
>         recursion yes;
> 
>    zone "ipv6.dk" {
>       type master;
>       file "/var/chroot/named/etc/namedb/db.ipv6.internal";
>    };
> 
>    zone "2.168.192.in-addr.arpa" {
>       type master;
>       file "/var/chroot/named/etc/namedb/db.192.168.2";
>    };
> 
>    zone "3.168.192.in-addr.arpa" {
>       type master;
>       file "/var/chroot/named/etc/namedb/db.192.168.3";
>    };
> 
>    zone "4.168.192.in-addr.arpa" {
>       type master;
>       file "/var/chroot/named/etc/namedb/db.192.168.4";
>    };
> 
>    /* loopback zone address-to-name */
>    zone "0.0.127.IN-ADDR.ARPA" in {
>               type master;
>               file "/var/chroot/named/etc/namedb/db.127.0.0";
>    };
> 
>    /* root hint zone */
>    zone "." in {
>               type hint;
>               file "/var/chroot/named/etc/namedb/db.cache";
>    };
> };
> 
> view "external" {
> 
>    match-clients { any; };
>         recursion no;
> 
>    zone "ipv6.dk" {
>       type master;
>       file "/var/chroot/named/etc/namedb/db.ipv6.external";
>               allow-transfer { 80.63.205.140; 193.88.144.238; 
217.157.39.7; 
> 80.199.169.165; };
>    };
> 
>    /* ipv6.dk zone address-to-name */
>    zone "163.242.212.IN-ADDR.ARPA" in {
>               type master;
>               file "/var/chroot/named/etc/namedb/db.212.242.163";
>               allow-transfer { 80.63.205.140; 193.88.144.238; 
217.157.39.7; 
> 80.199.169.165; };
>    };
> 
>    /* root hint zone */
>    zone "." in {
>               type hint;
>               file "/var/chroot/named/etc/namedb/db.cache";
>    };
> };
> 
> 
> 
> -- 
> Regards,
>  Tim
> 