expected view behavior
Andre Gerhard
agerhard at usp.br
Tue Feb 13 20:43:17 UTC 2007
Hello,
My configuration is as follows.
I have two views defined, in a split-dns way.
Part of named.conf, from machine viewserver.mydomain.com,
IPs are sanitized:
acl clients {
localhost;
192.0.2.64/26;
192.0.2.192/28;
};
view "internal" {
match-clients { clients; };
recursion yes;
//hint, localhost zones etc defined here
};
view "external" {
match-clients { any; };
recursion no;
zone "subdomain.mydomain.com" {
type master;
file "subdomain.db";
};
};
Also, we have another server, that defines the domain mydomain.com.
In this server, I delegate the subdomain.mydomain.com to the server
that have these views defined by doing:
subdomain.mydomain.com. IN NS viewserver.mydomain.com.
Both servers are located in the internal network.
Then, in the example.db above, I have an A record, say:
mymachine.subdomain.domain.com. IN A 192.0.2.65
So mymachine is also located in the internal network.
Outside the network defined by the ACL, I am able to resolve the external
name mymachine.subdomain.domain.com.
But the problem is that if I am inside the network (from machines that
are in the acl clients), I receive a SERVFAIL response.
Is this the correct behavior ?
Why I could not resolve the external name if I am located in the
internal network ?
To make things work, I must define the zone in the external *and*
in the internal view ?
Sincerely,
Andre Gerhard
Universidade de Sao Paulo
More information about the bind-users
mailing list