forward zone

[Frédéric Lochon]

Hello,

I'm new to this list, but I use BIND for quite some time.

I have a machine running BIND which is authoritative for some domains I 
own and is the nameserver for my home network.

Thus:
- BIND answers to any query from my home network
- BIND answers to queries from the whole planet Earth for the domains I own

This is because:
- in "options", I have (among others)  allow-query { trusted; };
- in each domain zone I have   allow-query { any; };


Today, I just set-up a new zone of type "forward" but I have trouble to 
make it work properly:
- my home network is allowed to send queries because it is "trusted"
- nobody from outside my home network is allowed to send queries because 
it is not "trusted"

As you can't have "allow-query" in a zone of type "forward", I don't 
find any nice solution.

The only solution I found is to allow queries from the whole planet 
Earth by changing "allow-query" in options to "any".
But this is not recommended.

I also though of using "views" but you can't have "options" in views.

So I'm wondering if anybody would have a suggestion to open my "forward" 
zone to planet Earth ?

Thanks in advance,

Frédéric.