weird hack to bind results to ip range?

Kevin Darcy kcd at daimlerchrysler.com
Tue Apr 25 21:35:26 UTC 2000


I've never used "topology", but I gather from the documentation that it only
affects how nameservers talk to each other, so it probably won't be any more useful
than sortlist for your situation.

If you want to give totally different answers -- as opposed to merely
differently-sorted answers -- to the same question depending on which client is
asking, then with BIND 8 you really need to run multiple nameserver instances.
Maybe BIND 9 "views" would help depending on how they are implemented, but probably
not in time to help you.


- Kevin

Mathew A. Hennessy wrote:

> Hi,
>         Due to some network issues beyond my control, I've been asked to
> set up our primary (internal + external) bind box to delegate a branch
> office's public addresses (run on an external nameserver) to people
> querying from outside our VPN, and to delegate their private addresses
> (from their internal nameserver) to internal VPN users.  That's to say
> that I run foo.tld. and I currently delegate accesses to branch.foo.tld.
> to ext.branch.foo.tld. .  What they want now is that if someone comes in
> off of one of our VPNs (subnetted 10./8) they want us to delegate to
> int.branch.foo.tld. while continuing to point the rest of the world to
> ext.branch.foo.tld. .
>
>         I know we need to split our own nameservice though realistically
> since our VPNs are nonroutable it's a lower priority than some of the
> other cleanup around here :p but for the time being, is it possible to
> set up a zone in the named.conf to provide from multiple zones depending on
> incoming IP?  I tried this with sortlist, but it appears to really only be
> helpful with round-robin, and doesn't offer the flexibility of "if the
> requestor comes from 10./8, serve 'int.foo.tld' else serve 'ext.foo.tld'".
>
>         Just as an aside, a feature like this would also help in the
> migration to a split DNS infrastructure, where you can continue to point
> to a single server while you split files...
>
> Or is this already possible and I just didn't RTFM closely enough...
> topology may do this, but hmm.. maybe if I set the topology to prefer 10/8
> addresses... (gotta love monkeying around with primary dns ;)
>
> Cheers,
> - Matt
> --
> If it sounds too good to be true, it's probably Linux.
> "Fool! There is nothing Perl cannot do! NOTHING!" -Bastich
> "You can never entirely stop being what you once were. That's why it's important
> to be the right person today, and not put it off till tomorrow." - Larry Wall
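
For reference, the per-client delegation asked about above, written as a BIND 9 `named.conf` fragment using views. This is an added example, not configuration from either poster; the ACL name, directory, zone file names and the addresses in the comments are assumptions made for illustration.

```conf
// named.conf fragment, BIND 9 view syntax.
// All file names and paths below are hypothetical.

acl "vpn-clients" {
    10.0.0.0/8;                 // the VPN subnets described in the question
};

options {
    directory "/var/named";     // assumed location of zone files
};

// Views are tried in the order listed; the first whose match-clients
// accepts the query's source address answers it.
view "internal" {
    match-clients { "vpn-clients"; };

    zone "foo.tld" {
        type master;
        // Same zone as in the external view, except for the delegation:
        //   branch      IN NS  int.branch.foo.tld.
        //   int.branch  IN A   10.1.0.53      ; glue, constructed address
        file "internal/foo.tld.db";
    };
};

view "external" {
    match-clients { any; };     // everyone not matched above

    zone "foo.tld" {
        type master;
        //   branch      IN NS  ext.branch.foo.tld.
        //   ext.branch  IN A   192.0.2.53     ; glue, documentation address
        file "external/foo.tld.db";
    };
};
```

Once any view is defined, every zone statement has to live inside a view. Because view selection keys on the source address of the query, the border should drop packets arriving from outside with a 10/8 source so that only real VPN clients reach the internal view.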





