Logging statements w.r.t. view in Bind 9.16.18
G.W. Haywood
bind at jubileegroup.co.uk
Tue Aug 24 12:07:35 UTC 2021
Hi there,
On Tue, 24 Aug 2021, Gaurav Kansal wrote:
> I want a clarity whether we can have individual logging statement
> per view basis ? Whatever i found on google, i think we can't. My
> use case for separate logging statement is as follows -
>
> In my recursive server, i have 2 views, one for my internal clients
> and one for Internet ; i am running Internet view just for catch
> hold of scanning IPs (type of honeypot).
>
> Syntax of 2 views are as follows -
>
> view "INTRANET" {
> match-clients { PRIVATE.SEGMENTS ; };
> recursion yes;
> };
>
> view "PUBLIC" {
> match-clients { any; };
> allow-query { none; } ;
> recursion no;
> };
You have recursion turned off for PUBLIC. As I understand it, the
conventional wisdom is not to run recursive and non-recursive services
on the same BIND instance. Would it make sense then, in your case, to
run two separate instances of BIND? Separating logs is then trivial.
--
73,
Ged.
More information about the bind-users
mailing list