Splitting private IP and Public IP
Chris Buxton
cbuxton at menandmice.com
Tue Jun 17 18:51:11 UTC 2008
On Jun 17, 2008, at 11:33 AM, jonr at destar.net wrote:
> Quoting Jonah Simandjuntak <jonahs at tiopan.com>:
>
>> Hello,
>>
>> Our previous DNS administrator had mixed public and private IPs in
>> the same domain.
>>
>> I'm wondering, is there in bind 9.2.4 configuration that I can allow
>> public to see the public only IPs (i.e. 69.148.5.2) and internal
>> network can see both public and private IPs?
>>
>> Thanks,
>>
>> --Jonah
>
> I believe what you are looking for is what is called 'views'.
Hold on there... You can't just suggest views without conveying the
full complexity of this feature.
What you can do, Jonah, is create a split namespace - two copies of
the zone, hosted on separate servers or in separate views on the same
server. Unless you resort to a rather complex and strange
configuration (involving forwarding between views, but there's more to
it than that), you cannot avoid duplicating the external data in the
internal version of the zone.
The BIND 9 views feature is sort of like virtual hosting in web
servers - multiple configurations, side-by-side on the same server,
that don't really have much to do with each other. In the case of
views, this is commonly used to create overlapping public and private
namespaces. Regardless of the particular use, each view is essentially
a separate named.conf, inside your actual named.conf; there are a few
things shared between views, such as the global logging statement, but
otherwise each view is a distinct name server configuration.
Chris Buxton
Professional Services
Men & Mice
More information about the bind-users
mailing list