split dns problem

[Dixon, Justin]

Read the faqs about zone-transfers with views on ISCs website.

You will need to setup TSIG keys for the views in order for the
transfers to work correctly.

Justin Dixon

> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Per
> olof Ljungmark
> Sent: Sunday, October 21, 2007 04:41
> To: bind-users at isc.org
> Subject: split dns problem
> 
> Hi,
> 
> I am experimenting with the bind9 "split-view" feature and started out
> with the following example:
> 
> view "trusted" {
>   match-clients { 192.168.23.0/24; }; // our network
>    recursion yes;
>    zone "example.com" {
>     type master;
>     // private zone file including local hosts
>     file "internal/master.example.com";
>    };
>    // add required zones
>   };
> view "badguys" {
>   match-clients {"any"; }; // all others hosts
>   // recursion not supported
>   recursion no;
>   };
>   zone "example.com" {
>     type master;
>     // public only hosts
>     file "external/master.example.com";
>    };
>    // add required zones
>   };
> 
> 
> The setup I'm aiming at is for a config with external, internal and
dmz
> hosts. Right now I've got it working fine for the external and
internal
> hosts, but the dmz zones presents a problem in that they refuses to
> transfer to a slave:
> 
> "refresh: non-authoritative answer from master"
> 
> So, is it at all possible to do as above with identical zone name and
> two different zone files in two views? Googling for the subject makes
me
> believe it should be but apparently I am missing something.
> 
> Thanks for any pointers.
> 
> --per
> 
>