stub zones and recursion ?

vincent.blondel at ing.be vincent.blondel at ing.be
Wed Apr 2 12:34:47 UTC 2008 

Does anybody get an idea to solve next problem ?

I get some bind 9.2.3 resolvers, all configured the same way. All of
them are configured with some views, each of them dedicated to specific
clients. We get the default view recursively answering all queries to
anybody. We also get another one where I am trying to non-recursively
answer queries but without getting data locally.

A little example ..

let's immagine we get lab.intranet. and srv.lab.intranet. defined on two
authoritative bind servers. On the other hand I get wks.lab.intranet
configured on a Ms Dns with WINS/backwards activated. 

Now I would like giving access my users to zones lab.intranet and
wks.lab.intranet ONLY. What are the solutions for it ?? I cannot simply
replicate zones on each servers because ISC BIND does not comply with
records 'IN WINS' (specific to Ms Windows Dns). So I try to define zones
as forward or stub, I am also playing with allow-recursion, recursion
but have not find any solution to my problem.

view "xx" in {

    match-clients {xx;};
    allow-query {xx;};
    allow-recursion {xx;};
    recursion xx;

    zone "." in {
        type hint;
        file "xx/db.root";
    };

    zone "lab.intranet." {
        xx
    };
    zone "srv.lab.intranet." {
        xx
    };
    zone "wks.lab.intranet." {
        xx
    };
};

Your help is really appreciated.

Regards
Vincent.
-----------------------------------------------------------------
ATTENTION:
The information in this electronic mail message is private and
confidential, and only intended for the addressee. Should you
receive this message by mistake, you are hereby notified that
any disclosure, reproduction, distribution or use of this
message is strictly prohibited. Please inform the sender by
reply transmission and delete the message without copying or
opening it.

Messages and attachments are scanned for all viruses known.
If this message contains password-protected attachments, the
files have NOT been scanned for viruses by the ING mail domain.
Always scan attachments before opening them.
-----------------------------------------------------------------

More information about the bind-users mailing list