Accessing internal zones over a VPN

Anthony Chavez acc at anthonychavez.org
Wed Mar 3 07:44:03 UTC 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 01 Mar 2004 19:24:09 -0500 Kevin Darcy <kcd at daimlerchrysler.com> wrote:
> Well, it's not going to be pretty however you implement it. What comes 
> to my mind is to set up the zones of interest as "stub" zones on a 
> separate nameserver, nameserver instance (running on a different 
> interface of the same box, using "listen-on") or (if you're willing to 
> upgrade to BIND 9) a separate "view", which serves only the 
> client-subset you care about.

I was actually toying with this idea after skimming O'Reilly's DNS &
BIND Cookbook.  I didn't try very hard, but after your suggestion, I
think I will. :-)

FWIW, an upgrading to BIND 9 is in the works, but it will likely be at
least a few weeks into the future.

Thanks for your input.

- -- 
Anthony Chavez                             http://www.anthonychavez.org/
mailto:acc at anthonychavez.org                jabber:acc at anthonychavez.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)

iD8DBQFARYzHbZTbIaRBRXERApOKAJ988bddQ0rIQZX7FVo2kHMCXwubnACfZwb5
PumTnrSLfTxIZvY3oRnFYlI=
=pZ+9
-----END PGP SIGNATURE-----


More information about the bind-users mailing list