Slaves and views

Mark Andrews marka at isc.org
Fri Mar 4 22:36:56 UTC 2011 

In message <79391B3D-6106-420B-9056-717A5E5FA2AE at cornell.edu>, John Wobus write
s:
> Hi,
> 
> Can a zone file a slave in one view and the same zone file
> be served by another view?
> 
> I'm going to split our authoritative servers into internal
> and external views.  My question concerns zones that we
> secondary for other organizations, slaved to masters at
> their sites.
> 
> I know I could configure each of their zones with separate files
> in each the two views, listen/use an additional address that
> accesses our local view, and tell these peer organizations to
> notify and allow transfers from this additional address.
> I'm not (yet) worried about dynamic updates, if there are
> any.
> 
> Is there a way I can handle their zones without making
> these other sites configure another address, and I still
> run just one bind instance?
> 
> Other ideas are: running a separate bind instance for
> these zones, or making one view a slave to the other.
> Possibly forwarding of some kind, another thing I haven't
> done much.
> 
> John Wobus
> Cornell

Any file named writes, slave, dynamic master, should not be shared.

That said you don't need to change how zone are transfered between
you and the master.  You can just transfer them internally from
one view to the other.

key "external.key" {
	....
};

acl internal-clients {
	...
	127.0.0.1;
};

view "internal" {
	match-clients {
		!key external.key; 
		internal-clients;
	};
        zone "example" {
                type slave;
                file "slave/internal/example";
                masters { 127.0.0.1 key external.key; };
        };
};

view "external" {
	match-clients {
		key external.key; 
		any;
	};
        zone "example" {
                type slave;
                file "slave/external/example";
                masters { .... };
		allow-transfer { external.key; };
		also-notify { 127.0.0.1; };
        };
};

> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list