Trying to define an "in-view" zone without success
Tony Finch
dot at dotat.at
Mon Jan 19 15:33:06 UTC 2015
Alain Fontaine <alain.fontaine at uclouvain.be> wrote:
> view "interne" {
> match-clients { clients-internes; };
> allow-query { clients-internes; };
> zone testzone.net {
> type slave;
> file "slave.int/net.testzone";
> masters { address_of_master; };
> };
> };
>
> view "externe" {
> match-clients { any; };
> zone testzone.net { in-view "interne"; };
> };
>
> There is no error message when reloading, but querying the zone from an
> "outside" address gives "REFUSED", as if the zone did not exist in the
> "externe" view.
Does it work if you set allow-query { any; }; in the testzone.net clause
in the interne view?
My guess is that the zone is inheriting the allow-query acl from its
parent view, and keeping that acl when it is shared by the externe view.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Trafalgar: Cyclonic, mainly northerly, 6 to gale 8, occasionally severe gale 9
at first, becoming variable 4 for a time. Rough or very rough, occasionally
high at first, becoming moderate or rough. Rain at times. Moderate or good,
occasionally poor.
More information about the bind-users
mailing list