Dynamic ACL
Ali Jawad
alijawad1 at gmail.com
Wed Apr 8 17:41:22 UTC 2015
Hi Barry
I would rather not do that through editing text files unless it is the last
option. I want this dynamic and scalable . Down the road users will have
option to change their view as such simultaneous read/write might happen
Regards
On Apr 8, 2015 4:42 PM, "Barry Margolin" <barmar at alum.mit.edu> wrote:
> In article <mailman.1908.1428494842.26362.bind-users at lists.isc.org>,
> Ali Jawad <alijawad1 at gmail.com> wrote:
>
> > Hi
> > I am running BIND 9.10 and I have looked through various options
> including
> > DLZ and RPZ but I am still not sure if they can do what I need or if i
> need
> > to look at something different. Here is my scenario and I would
> appreciate
> > if you could advice me.
> >
> >
> > - I do have 6 different Geo ACLs and a default ACL
> > - Each ACL has its own zone file , users get served based on Geo
> > location. If the users are not part of any geo location they are
> > served the
> > default ACL and zone files.
> > - For a few hundred users I want to asign their IPs to specific Geo
> > locations even if they do not belong to those locations. I want
> > to do this
> > on the fly without having to edit zone files and if possible
> > without having
> > to reload BIND. I want to keep it as dynamic as possible.
> >
> > Any input please ?
> >
> > Regards
>
> Sounds like you should be able to do this all with views. When you
> reassign an IP, you edit named.conf to change the "match-address"
> clause, and use "rndc reconfig" to load the new named.conf file.
>
> --
> Barry Margolin
> Arlington, MA
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150408/67c0e814/attachment-0001.html>
More information about the bind-users
mailing list