split DNS?

Kevin Darcy kcd at daimlerchrysler.com
Fri May 25 22:59:45 UTC 2007 

Sky Me wrote:
> 2007/5/25, Kevin Darcy <kcd at daimlerchrysler.com>:
>> Yes. Check out doc/arm/Bv9ARM.ch06.html#view_statement_grammar relative
>> to the top-level of the BIND distribution.
>>
>
> After reading Bind's "view" content,I thought there're a little problems.
> For example,say we have two services in isp a:
>
> foo.example.com  A  11.11.11.11    # service for isp a only
> bar.example.com  A  22.22.22.22    # service for both isp a and b
>
> and have only one service in isp b:
>
> foo.example.com A  33.33.33.33    # service for isp b only
>
> The view config may looks below:
>
> view "ispa" {
>      match-clients { "acl-ispa"; };
>      zone "example.com" {
>            type master;
>            file "example-ispa.db";
>      };
> };
> view "ispb" {
>      match-clients { "acl-ispb"; };
>      zone "example.com" {
>            type master;
>            file "example-ispb.db";
>      };
> };
> view "other" { # say they get same answers as isp a
>      match-clients { any; };
>      zone "example.com" {
>            type master;
>            file "example-ipsa.db";
>      };
> };
>
>
> Then we need 2 database files,and most items are may the same.like:
>
> example-ispa.db:
> foo.example.com  A  11.11.11.11
> bar.example.com  A  22.22.22.22
>
> example-ispb.db:
> foo.example.com  A  33.33.33.33
> bar.example.com  A  22.22.22.22
>
> So the difficulty I first think is that we have to maintain two 
> database files.
> When db files are large enough,this work may become hard.Am I right?
You can use $INCLUDE files, as another poster pointed out, or you could 
follow something like your original design, aliasing foo.example to 
foo.split.example.com, a delegated subzone served by a separate 
nameserver instance. The only differences from your original design being
a) you could use BIND with views, as the delegated nameserver, rather 
than the homegrown, Stanford::DNSserver-based DNS server you currently 
have, which might prove easier to operate and maintain, if not for you, 
then maybe for whomever inherits this from you, and
b) you'd be able to serve up a differentiated A record from the 
delegated nameserver instance instead of another CNAME in the chain 
(nested CNAMEs are truly bad form).

                                                                         
                  - Kevin

More information about the bind-users mailing list