dynamic update of split view acl
Matt Calder
calderm at usc.edu
Sat Feb 28 12:27:36 UTC 2015
I'm running BIND 9.9.5-3 on Ubuntu 14.04.1.
I'm trying to figure out how to change the match-clients prefixes in a view
without having to restart BIND or do full config reload. My actual BIND
config has many views and restarts can take several minutes.
Here is my simple test set up.
*view "view1" { match-clients { 204.57.0.0/24
<http://204.57.0.0/24>; 204.57.5.0/24 <http://204.57.5.0/24>; }; zone
"domaintest.com <http://domaintest.com/>" in { type master;
file "/etc/bind/view1.zone"; };};view "view2" { match-clients
{ 216.55.18.0/24 <http://216.55.18.0/24>; }; zone "domaintest.com
<http://domaintest.com/>" in { type master; file
"/etc/bind/view2.zone"; };};*
Say I move 204.57.0.0/24 from view1 to view2, my hope was that I could
simply do
*$ rndc reload domaintest.com <http://domaintest.com/> in view1$ rndc
reload domaintest.com <http://domaintest.com/> in view2*
and match-clients would also be updated but this doesn’t work. I increment
the serial of view1.zone and view2.zone, but 204.57.0.0/24 is still matched
by view1. Is there any way to accomplish this?
Thanks,
Matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150228/f8e6642b/attachment.html>
More information about the bind-users
mailing list