question about include syntax in /etc/named.conf
Stanley Liu
stanley.liu at toyota.com.au
Tue Jul 6 00:36:31 UTC 2004
>
> John> Every time I have to do twice editing in that file if I have
> JohN> to add a zone in it.
>
> That's correct. Every zone file inside view{} statements is an
> independent, autonomous entity. [If not, there would be just one zone
> file for a given zone because its contents didn't change between
> views. SO why deploy views in that case?] Since the zone files are
> supposed to be independently managed, this means you may have to
> update multiple copies of the zone, one per view, whenever the zone's
> contents change. If this repetition is a problem, store the zone data
> in some sort of metafile and use that to generate the zone files. But
> always keep the zone files separate and don't make them dependent on
> sharing data using $INCLUDE directives. Unless you want to have
> painful DNS administration that nobody can understand.
>
> John> I heard you can decrease you work by using "include" syntax?
>
> That's not correct. It can be done. But it makes for dreadful
> administration and maintenance problems in the long run. Sharing
> fragments of zone files with $INCLUDE directives is a recipe for
> trouble. You wouldn't do this for noordbrabant.net and noordbrabant.nl,
> would you? So why do it for the internal and external views of say
> noordbrabant.net?
>
I think John is referring to having $INCLUDE in the named.conf rather than
in the zone file. I am suspecting John has a lot of zones that are common
to all views so that John can put all those into one single INCLUDE file
saving him putting them in multiple places:
<quote src="BIND 9 Administrator Reference Manual">
6.2.5. include Statement Grammar
include filename;
6.2.6. include Statement Definition and Usage
The include statement inserts the specified file at the point that the
include statement is encountered. The include statement facilitates the
administration of configuration files by permitting the reading or writing
of some things but not others. For example, the statement could include
private keys that are readable only by a nameserver.
</quote>
We have not used the INCLUDE statement and so do not know if it is relevant
in John's situation.
We have 10 views also and it is a chore to add extra zone in all 10 views
especially when that zone is the same for all views. From my perspective,
the current BIND config file implementation for views is not particular
helpful. The current implementation is "zones within views". But I would
think the most helpful and logical one is "views within zones": we are
serving these zones and some of them will serve different info depending on
from where the queries originated. Just my $0.02.
Stanley
More information about the bind-users
mailing list