AW: different external and internal addresses

Walkenhorst, Benjamin Benjamin.Walkenhorst at
Tue Nov 9 07:29:00 UTC 2004


> I want to have different ip addresses for a lookup based on where the 
> query comes from.  For example should be 
> to the outside world but to the internal one.  While the 
> bind admin guide shows how to restrict certain zones based on 
> ip, that 
> isn't what I want to do.  So how do I do this while running one bind?

You can use views, they are explained in the BIND v9 ARM.
You can match views depending on the source-IP of a query as well the
destination-IP. Within a view, you can override global options by re-defining
them. For example, you could answer recursive queries from your internal view
but refuse them from the external view.
If you want to have queries answered differently from both views, you need
to set up two sets of zone files. 
A sample config might look something like this:

view "internal" {
	match-destinations {; };
	[ ... your options and zones go here ... ]

view "external" {
	match-destinations {; };
	[ ... ]

For further details on views, see the BIND v9 ARM (it should come with BIND9),
if you are willing to throw money at it, see Liu's & Albitz' "DNS & BIND",
available from O'Reilly. 

Kind regards,

More information about the bind-users mailing list