Secondary for a server with views
Jonathan Horne
freebsd at dfwlp.com
Fri Apr 20 11:56:26 UTC 2007
On Thursday 19 April 2007 21:25:52 you wrote:
> In article <f08n78$2k9c$1 at sf1.isc.org>,
>
> Bowie Bailey <Bowie_Bailey at BUC.com> wrote:
> > I am attempting to use views to combine two of my DNS servers. Setting
> > up the views is easy enough, but I'm confused about how to configure the
> > master/slave relationships.
> >
> > The main server will have an external view and an internal view. The
> > secondary server will need to mirror both of those views.
> >
> > How can I have the secondary server mirror the external view? If I tell
> > it that a zone is a slave, how can it query the master for the external
> > view of the zone rather than the internal view? The documentation
> > mentioned using "keys" for this, but I could not find any examples.
>
> The slave server needs to have two IPs, one in the external view and the
> other in the internal view. Then use the transfer-source option in each
> view to make it use the appropriate IP when pulling from the master.
also, for the view, you are going to have an ACL set up defining the internal
network. you will need to set the 2nd ip of your slave to be ignored.
eample:
};
acl "Mynets" {
192.168.125.0/24; # Private Internal Network
};
view "internal" {
match-clients { !192.168.125.63; Mynets; };
...
as you can see, i have set 192.168.125.63 to be an invalid ip for the ACL on
the internal view. this will cause the slave (when used with
transfer-source) to get the external copys of the zones (since their ACL will
be "match-clients { any; };"
hth,
--
Jonathan Horne
http://dfwlpiki.dfwlp.org
freebsd at dfwlp.com
More information about the bind-users
mailing list