intelligent NAMED

[Kevin Darcy]

Clenna Lumina wrote:
> Kevin Darcy wrote:
>   
>> As others have pointed out, you can do this with "view"s, but the
>> downside of that approach is that you have to maintain the data of
>> each "view" in parallel, and it can get messy and complicated to
>> ensure that masters and slaves are transferring zones via the right
>> "view".
>>     
>
> I believe this can be alleviated somewhat why having a "shared" zone 
> file that's $INCLUDE'ed into all the view-specific zone files. That way 
> data that needs to be consistent regardless of view doesn't need to be 
> maintained redundantly.
>   
That works on the master, and only if you're not using Dynamic Update. 
But you still have the challenge of making sure the slaves get the right 
"view"s of the various zones. It's possible, but, as I said, potentially 
messy and complicated. One option is to use TSIG signatures for 
differentiating views between masters and slaves, with a side benefit 
being enhanced security.

                                                                         
                     - Kevin