"catch all" view?
Cricket Liu
cricket at menandmice.com
Sun Sep 22 04:35:10 UTC 2002
> It doesn't appear that we can define a "global" view, but I
> thought I'd ask anyways....
>
> I want to define two views: "everyone" and "internals".
> The zones in "everyone" should be available to absolutely
> everyone, including the folks in "internals". However,
> it appears that the first match-client prevails, such
> that any client will only see one view: there are no
> unions of views.
Right. Views are disjoint.
> For the sake of this example, let's say that I want the
> following views:
>
> everyone briank.com
> internals briank.com and briank.com.local
>
> I looked in the list archives and in the docs at
> http://www.nominum.com/resources/documentation/Bv9ARM.pdf
> and both seem to say that I need to define the views with
> the common information repeated, like:
>
> acl internals { 127.0.0.1; };
>
> view "internals" {
> match-clients { internals; };
> zone "briank.com.local" {...}
> zone "briank.com" {...} # duplicated below
> };
>
> view "everyone" {
> match-clients { any; };
> zone "briank.com" {...}
> };
>
> but that requires putting identical zones into multiple views.
> Yuck.
>
> Is there anyway to specify a view that is completely global,
> so that I don't have to put the zones that are available
> to absolutely everyone in each and every specific view?
No.
> I know it's not (currently) legal, but I'd love the syntax:
>
> acl internals { 127.0.0.1; };
>
> // briank.com is exported to absolutely everyone
> zone "briank.com" {...}
>
> view "internals" {
> match-clients { internals; };
> zone "briank.com.local" {...} # 10.0.0/24
> };
>
> Am I asking for too much?
That's a question for the ISC, I suppose. :-)
cricket
Men & Mice
DNS Software, Training and Consulting
www.menandmice.com
The DNS and BIND Cookbook, coming October 2002!
http://www.oreilly.com/catalog/dnsbindckbk/
More information about the bind-users
mailing list