Clients Matching Multiple Views
Mike Meredith
mike.meredith at port.ac.uk
Wed Apr 9 07:37:20 UTC 2014
Hi!
Using BIND 9.9 here ...
I have a collection of secondaries with various zone masters (the
majority BIND, some ActiveDirectory). Some of the secondary DNS servers
are for internal use only; some are externally visible, but all are
configured with a common configuration file.
I have a need to make _some_ zones visible only internally with an
alternate zone visible externally. But the overwhelming majority of the
zones remain as they are. I guess you could call this "partial
split-view".
I can do this in either of two rather inconvenient ways ... either I
split the configuration of the secondaries with the externally visible
ones configured differently to the internal ones, or I create two views
("internal" and "external") with the overwhelming majority of the zones
defined twice.
Neither option seems appealing.
What I've also tried is to create three views with configurations
like :-
view "default" {
match-clients { any; };
recursion no;
/* The majority of the zones */
};
view "internal" {
match-clients { internal; };
recursion yes;
/* The internal zones */
};
view "external" {
match-clients { external; };
recursion no;
/* The external zones */
};
... so that if a client matches multiple views, it tries each in turn.
However that doesn't seem to work, and the documentation implies that
it won't.
Am I missing something obvious? Such as it should work, but I've
somehow messed up? Or perhaps there's some option I've missed? Or am I
out of luck?
--
Mike Meredith, University of Portsmouth
Principal Systems Engineer, Hostmaster, Security, and Timelord!
More information about the bind-users
mailing list