One bind instance to handle faked root and caching-only name server possible?

Kevin Darcy kcd at chrysler.com
Mon May 12 18:53:27 UTC 2008


schilling wrote:
> Hi All,
> I am trying to have a setup to meet the following need:
> 1) if the query sources are from network 10.10.10.0/24, the query will be
> handled by a caching-only name server; the query will be forwarded to a
> legitimate name server for resolution if there is a cache miss.
> 2) if the query sources are from network 10.10.20.0/24, no matter what the
> query is, the named server will return one fixed IP address, for example
> 192.168.1.1. Basically, this will be a faked root server.
>
> I know I can do it with two NIC cards with two IP addresses and two instances
> of bind.
>
> Is it possible to have a similar setup with one NIC, one IP address and with
> different views?
>
>   
Yes, one view would be configured with forwarders, the other would be 
configured with only the fake root zone, containing a wildcard A record, 
as "type master". Use match-clients to select which clients get which 
view. You'll also need to decide what unmatched clients will see, i.e. 
if you should ever get a query from something that's not in 
10.10.10.0/24 or 10.10.20.0/24.

                                                                         
                  - Kevin
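
A sketch of the two-view layout described in the reply above, added here as an illustration and not taken from the original post. The directory, view and file names, the forwarder 192.0.2.53 and the name server address 192.0.2.1 are placeholders, and refusing unmatched clients is only one possible answer to the open question in the reply.

```conf
// named.conf fragment (example). Views are tried in order; first match wins.
options {
    directory "/var/named";                  // assumed working directory
};

// 10.10.10.0/24: caching-only resolver that forwards on a cache miss.
view "caching" {
    match-clients { 10.10.10.0/24; };
    recursion yes;
    forwarders { 192.0.2.53; };              // placeholder upstream resolver
    forward only;                            // assumption: never iterate from the roots
};

// 10.10.20.0/24: authoritative for a fake root zone, no recursion.
view "fakeroot" {
    match-clients { 10.10.20.0/24; };
    recursion no;
    zone "." {
        type master;
        file "fake.root.zone";               // assumed file name, contents below
    };
};

// Everything else: one option is to refuse the query outright.
view "unmatched" {
    match-clients { any; };
    recursion no;
    allow-query { none; };
};

/* Contents of fake.root.zone (zone-file syntax, kept in a comment here):

$TTL 60
@    IN SOA ns. hostmaster.invalid. ( 1 3600 600 86400 60 )
@    IN NS  ns.
ns.  IN A   192.0.2.1      ; placeholder: address of this name server
*    IN A   192.168.1.1    ; wildcard: any other name gets the fixed address

*/
```

The wildcard answers only A queries and does not cover the zone apex or names below an existing node such as `ns.`. `named-checkconf` and `named-checkzone . fake.root.zone` will validate both files before a reload.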



