Zone transfer with multiple views to slave server
Studer Olivier
Olivier.Studer at hefr.ch
Wed Dec 21 08:13:26 UTC 2005
Hello,
I have read this article, http://sysadmin.oreilly.com/news/views_0501.html,
but it only covers updating the whole zone with two views.
But on my primary server there are three views: one for the
vpn_connection (a range within my class B), one internal (the whole class
B), and one external. Now my problem is how to configure the
named.conf file on the master and the slave server to get automatic
zone transfers. I don't know how to configure both files to get
this functionality.
The configuration of both servers is:
Solaris 10 (no container)
SMC BIND 9.3.1 for www.sunfreeware.com
Sun Fire V100
named.conf from master server
========================
// ACL configuration (master)
// Address range of the VPN clients
acl "vpn" { x.x.163.0/24; };
// Address range of the internal clients
acl "internals" { x.x.0.0/16; };
// Address(es) of the slave DNS server(s)
// NOTE(review): these three addresses are the transfer-source addresses used by the
// slave configuration on this page; presumably all three also fall inside "internals".
acl "slaves" { x.x.8.103; x.x.8.200; x.x.8.201; };
// ACL intended to let the server itself send queries
// NOTE(review): "itself" is not referenced anywhere else in the configuration shown.
acl "itself" { localhost; x.x.8.102; };
// Global server options (master). View- and zone-level statements override these.
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
// NOTE(review): pinning outgoing queries to source port 53 removes source-port
// randomness, which makes spoofed answers easier to get accepted in the views that
// leave recursion on. Drop the port unless a firewall rule requires it.
query-source address * port 53;
allow-query { any; };
// Empty string: the BIND version is not disclosed to clients.
version "";
// Default transfer policy. Every zone shown below sets its own allow-transfer,
// and the zone-level statement takes precedence over this one.
allow-transfer { slaves; };
notify yes;
};
// rndc control channel: listens on 127.0.0.1 only, accepts localhost, and requires
// the key named rndc-key.
// NOTE(review): the key statement defining rndc-key is not part of the configuration
// shown; presumably it is defined or included elsewhere. Confirm.
controls {
inet 127.0.0.1 allow { localhost; } keys { rndc-key; };
};
// Logging section: the "default" category is sent to a single file channel.
logging {
channel chan1 {
// Admits messages down to debug level 3.
severity debug 3;
// NOTE(review): no versions or size clause is given, so nothing here rotates the
// file or limits its growth.
file "/var/named/data/log.txt";
// Prefix each entry with timestamp, severity and category.
print-time yes;
print-severity yes;
print-category yes;
};
category "default" {
chan1;
};
};
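// View VPN (master): the copy of hefr.ch served to clients in the "vpn" ACL.
view "vpn_view" {
// Views are tried in the order they appear and the first match wins; a negated
// entry makes that client skip this view.
// The first element was malformed ("!1x.x..8.200") and now matches the form used
// in internal_view.
// NOTE(review): x.x.8.201 is negated here, yet it is this view's also-notify target
// and the slave's transfer-source for vpn_view. As written, a request from x.x.8.201
// skips this view and internal_view and is answered from external_view.
match-clients { !x.x.8.200; !x.x.8.201; vpn; };
zone "hefr.ch" in {
type master;
file "hefr.hosts.vpn_view";
// Dynamic updates are refused.
allow-update {none;};
// NOTE(review): this zone-level "none" overrides the options-level
// allow-transfer { slaves; }, so no slave can pull this copy of the zone. To open it
// to the slave only, list the slave's address for this view (or a TSIG key) here
// rather than "any".
allow-transfer { none; };
also-notify { x.x.8.201; };
};
};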
// View Internal (master): the copy of hefr.ch served to clients in the "internals"
// ACL, except the two negated slave addresses, which skip this view.
view "internal_view" {
match-clients { !x.x.8.200; !x.x.8.201; internals; };
zone "hefr.ch" in {
type master;
file "hefr.hosts.internal_view";
// Dynamic updates are refused.
allow-update {none;};
// NOTE(review): "any" is evaluated after the view match, so every client that lands
// in this view may pull a full copy of the internal zone. Restricting this to the
// slave's address for this view (or a TSIG key) keeps the internal host list from
// being handed out wholesale.
allow-transfer { any; };
};
};
// View external (master): catch-all for every client that no earlier view matched.
view "external_view" {
match-clients { any; };
// No recursion for clients in this view.
recursion no;
allow-query { any; };
zone "hefr.ch" in {
type master;
file "hefr.hosts";
// Dynamic updates are refused.
allow-update {none;};
// NOTE(review): x.x.8.200 is notified below, but with "none" here its transfer
// request would be refused. Confirm whether the slave's address for this view
// should be listed instead.
allow-transfer { none; };
also-notify { x.x.8.200; };
};
};
named.conf from slave server
=====================
// ACL configuration (slave)
// Address range of the VPN clients
acl "vpn" { x.x.163.0/24; };
// Address range of the internal clients
acl "internals" { x.x.0.0/16; };
// Address(es) of the slave DNS server(s)
// NOTE(review): neither "slaves" nor "itself" is referenced anywhere else in the
// slave configuration shown.
acl "slaves" { x.x.8.103; };
// ACL intended to let the server itself send queries
acl "itself" { localhost; x.x.8.103; };
// Global server options (slave). View- and zone-level statements override these.
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
// NOTE(review): pinning outgoing queries to source port 53 removes source-port
// randomness, which makes spoofed answers easier to get accepted in the views that
// leave recursion on. Drop the port unless a firewall rule requires it.
query-source address * port 53;
allow-query { any; };
// Empty string: the BIND version is not disclosed to clients.
version "";
// Default: no outgoing transfers from the slave. The vpn_view and internal_view
// zones below override this with their own allow-transfer.
allow-transfer { none; };
};
// rndc control channel: listens on 127.0.0.1 only, accepts localhost, and requires
// the key named rndc-key.
// NOTE(review): the key statement defining rndc-key is not part of the configuration
// shown; presumably it is defined or included elsewhere. Confirm.
controls {
inet 127.0.0.1 allow { localhost; } keys { rndc-key; };
};
// Logging section: the "default" category is sent to a single file channel.
logging {
channel chan1 {
// Admits messages down to debug level 3.
severity debug 3;
// NOTE(review): no versions or size clause is given, so nothing here rotates the
// file or limits its growth.
file "/var/named/data/log.txt";
// Prefix each entry with timestamp, severity and category.
print-time yes;
print-severity yes;
print-category yes;
};
category "default" {
chan1;
};
};
// View VPN (slave): secondary copy of the VPN version of hefr.ch.
view "vpn_view" {
// NOTE(review): the master's address x.x.8.102 is not inside "vpn" (x.x.163.0/24),
// so a NOTIFY from the master would presumably not be matched to this view.
// Confirm, or select the view with a TSIG key instead of the source address.
match-clients { vpn; };
zone "hefr.ch" in {
type slave;
masters { x.x.8.102; };
file "hefr.hosts.vpn_view";
// Source address of the transfer request. The master picks its view from this
// address, so it has to match the master's vpn_view and be allowed to transfer there.
transfer-source x.x.8.201;
// NOTE(review): overrides the options-level "none" and lets every client matched by
// this view pull the whole zone from the slave. Use "none" unless another server
// transfers from this one.
allow-transfer { any; };
};
};
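// View Internal (slave): secondary copy of the internal version of hefr.ch.
view "internal_view" {
match-clients { internals; };
zone "hefr.ch" in {
type slave;
// The address was written "x.x.102" (three octets); it now matches the master
// address used by the other two views in this file.
masters { x.x.8.102; };
file "hefr.hosts.internal_view";
// Source address of the transfer request. The master picks its view from this
// address.
transfer-source x.x.8.103;
// NOTE(review): overrides the options-level "none" and lets every client matched by
// this view pull the whole internal zone from the slave. Use "none" unless another
// server transfers from this one.
allow-transfer { any; };
};
};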
// View external (slave): catch-all for every client that no earlier view matched.
view "external_view" {
match-clients { any; };
// No recursion for clients in this view.
recursion no;
allow-query { any; };
zone "hefr.ch" in {
type slave;
masters { x.x.8.102; };
file "hefr.hosts";
// Source address of the transfer request. The master picks its view from this
// address.
// NOTE(review): the master's external_view on this page sets allow-transfer { none; },
// so this request would be refused there. Confirm.
transfer-source x.x.8.200;
// No onward transfers of the external zone from the slave.
allow-transfer { none; };
};
};
I need urgent help with this problem.
Thanks for your help
/Olivier