Exceptions for zones with DNS views
Sten Carlsen
stenc at s-carlsen.dk
Mon Oct 22 08:08:21 UTC 2012
On 22/10/12 9:32, Stefan Midjich wrote:
> I want to have an exception for certain zones that also exist in my
> main "wan" view.
>
> So I created an acl for the network that needs the exception.
>
> acl OtherNetwork {
> 10.0.2.192/28 <http://10.0.2.192/28>;
> };
>
> Then I made this block.
>
> view "OtherNetwork" {
> match-clients { OtherNetworkClients; };
> allow-recursion { OtherNetworkClients; };
> include "/etc/bind/views/othernetwork.zones";
> };
>
> This worked for the othernetwork.zones, but if I request any zones
> outside of this view I get no response.
>
> I want requests for other zones to be forwarded to the "wan" view
> where the rest of the zones are. How can I accompllish this with Bind?
> The only solution I can see now is to copy and maintain hundreds of
> zones for each view, there must be an easier way.
You should look at each view as a separate server without any connection
to the other servers.
Your "OtherNetwork" server has no other information than what you show
here, your other networks will be resolved by normal recursion from the
root up.
The traditional solution here is to include a copy of the other zones
here, separate files, not a reference to the same files, specially if
any kind of dynamic DNS is valid.
>
> --
> Hälsningar / Greetings
>
> Stefan Midjich
> [De omnibus dubitandum]
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Best regards
Sten Carlsen
No improvements come from shouting:
"MALE BOVINE MANURE!!!"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20121022/9272601b/attachment.html>
More information about the bind-users
mailing list