Selective forwarding and views...

Kevin Darcy kcd at daimlerchrysler.com
Tue Aug 24 22:26:23 UTC 2004


Ricardo Stella wrote:

>Hello,
>
>We are trying to setup internal DNS servers that would be also be used
>for a network registration system.  Users would get a private IP
>initially, and after registration, they'll get a permanent one.
>
>So, via views, we would like to redirect the users to our registration
>box.  But we do need to give access to certain addreesses before they
>register.
>
>The problem we are having is that it seems the server is sharing it's
>cache data for both views.
>
>This is what we came up with for named.conf for 10.0.0.10 who acts as a
>master (.11 is secondary):
>
>### named.conf (standard options ommited)
>acl restricted { 192.168.100.0/24; }
>acl internals  { 10.0.0.0/8; 127.0.0.1; }
>view "restricted" {
>	match clients { restricted; };
>	allow-query { restricted; };
>	zone "microsoft.com" {
>		type forward;
>		forwarders { 10.0.0.11; }; ## This is a secondary
>		forward only; };
>	zone "." {
>		type master;
>		file "fake-root"; }; };
>
>view "unrestricted" {
> ... standard master dns server options and zones that work ok ...
>}
>### End named.conf
>
>### fake-root
>$TTL 0
>.. IN SOA reg.domain.net. root.reg.domain.net. (
>                119 ; 10800 ; 360 ; 604800 ; 86400 ; )
>               IN      NS      reg.domain.net.
>microsoft.com.	IN	NS	reg.domain.net.
>reg.		IN	A	10.0.0.10
>*.		IN	A	10.0.0.10
>### End fake-root
>
>Any ideas, or a pointer on somewhere that explains a bit on how to
>properly set this scenario up ?
>
What cache data is being "shared"? If you're talking about subzones of 
microsoft.com, then you're probably getting "polluted" through your 
forwarder, not from the other view...

                                                                         
                                    - Kevin

P.S. The allow-query seems a little redundant, since no other clients 
can get to the "restricted" view in the first place.




More information about the bind-users mailing list