ACLs, one zone two times on one host

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Wed Jan 29 17:25:07 UTC 2003


Helmut Schneider <jumper99 at gmx.de> wrote:
> <phn at icke-reklam.ipsec.nu> schrieb

>> Read about the 'view' statement where you can create several 
>> different vies depending on query-source.

> Close but not exactly what I want. "view" still needs two zones to be 
> updated if a new computer joins the domain. What I'd like to do is to 
> update my internal zone and transfer that to my public DNS where I can 
> set some records to be hidden from public. But this seems quite 
> impossible right now, hm?! :)

Both with views and separate servers you need to cross-pollinate those
resources that shoudl be visible in both views.

One way might be to have a third file as "original", using tags ( INSIDE / OUT ) 
and have a small script generate both views from this input.

The sites I have seen however seems to have a fairly constant and small
"common populations" any changes usually only affects one view.

Thus after initial setup, it's no fuzz.

> But still much better than MS-DNS... :)
aggree

> Thanks again, Helmut

> -- 
> NT Admin on his quest for experience!
> Please do not email him, post to the group...


-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.


More information about the bind-users mailing list