Problems in views in a zone transfer

Luis Silva luisfilsilva at gmail.com
Thu May 26 17:52:51 UTC 2011 

Hi all,

I think I have found a solution. Don't know if it is the best one:

For example, for view1 i added "!key view2-resolver;" to the match-clients.

view "VIEW1" {

       match-clients {
          !key view2-resolver.;
          10.112.25.184;     // IPs you want to access this view
          10.112.25.185;     // Note: you must include the IP of
                             // the master to receive notifications.
      };

      server 10.112.25.184 {keys view1-resolver.; };   // master

      zone "test.domain.pt" IN {
        type slave;
        notify no;
        masters {10.112.25.184 port 40001;};
      };
};

Is there a best way?

Regards and thanks,
Luis


On Thu, May 26, 2011 at 3:32 PM, Luis Silva <luisfilsilva at gmail.com> wrote:

> Hi all,
>
> I have this configuration in the zone.conf:
>
> view "VIEW1" {
>
>        match-clients {
>           10.112.25.184;     // IPs you want to access this view
>           10.112.25.185;     // Note: you must include the IP of
>                              // the master to receive notifications.
>       };
>
>       server 10.112.25.184 {keys view1-resolver.; };   // master
>
>       zone "test.domain.pt" IN {
>         type slave;
>         notify no;
>         masters {10.112.25.184 port 40001;};
>        };
> };
>
> view "VIEW2" {
>
>        match-clients {
>           10.112.25.184;     // IPs you want to access this view
>           10.112.25.186;     // Note: you must include the IP of
>                               // the master to receive notifications.
>       };
>
>       server 10.112.25.184 {keys view2-resolver.; };   // master
>
>       zone "test.domain.pt" IN {
>         type slave;
>         notify no;
>         masters {10.112.25.184 port 40001;};
>       };
> };
>
>
> And I sent a notify request to this element, with a TSIG key associated
> with View2, but apparently it didn't work since it was View 1 o requested
> the zone transfer. Checking the logs I've discovered this:
>
> 26-May-2011 15:24:09.506 notify: info: client 10.112.25.184#47627: view
> VIEW1: received notify for zone 'test.domain.pt': TSIG 'view2-resolver'
>
> Am I doing something wrong?
>
> Many thanks,
> Luis
>
>
> On Tue, May 24, 2011 at 3:13 AM, Mark Andrews <marka at isc.org> wrote:
>
>>
>> In message <BANLkTimWMNeGkKN6CJgvkk39rXCFHBTHJw at mail.gmail.com>, Luis
>> Silva wri
>> tes:
>> > Hi Steve,
>> >
>> > Many thanks for the answer. Just one question, when the master sends the
>> > notification, does the slave checks all views and see if the tsig
>> matches?
>> >
>> > Br,
>> > Ls
>>
>> NOTIFY, UPDATE and QUERY messages are treated indentically in terms of
>> view selection. i.e. first match.
>>
>> --
>> Mark Andrews, ISC
>> 1 Seymour St., Dundas Valley, NSW 2117, Australia
>> PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110526/fc02f0d3/attachment.html>

More information about the bind-users mailing list