Help with views plz, letting internal users view external view.
Kevin Darcy
kcd at chrysler.com
Sat Jan 26 01:09:46 UTC 2008
Piero Giobbi wrote:
> Hi all.
> I'm currently stuck with one problem. I have two views basically:
>
> Internal view (private)
>
> External view (public)
>
> Internal is only for internal users with the internal domains.
> External view contains all our public domains etc. The server is on
> our lan with a private address and the firewall has an public alias ip
> that redirects all dns quiries to this dns-server (and external view
> only). I have several domain in both views.
>
>
> Now i want to add a new public domain in the external view, works great:
>
> external view {
>
> exampledomain.com ...
>
> }
>
> How do i let the internal users view this one? Must i set up a exact
> same fake domain in internal view? I figure the must be a way to
> "forward" internal-view-users to externa-view but i can't figure out
> how..
>
> (Today i have solved this with setting up the same domain in the
> internal as a "fake" domain, works as long as nothing changes on the
> "outside" but its a pretty timeconsuming way and not always failsafe.)
>
> Greatful for all help or hints.
>
You have multiple nameservers for the zone right?
On Nameserver A, serve up the "external" view to Nameserver B's source
address, and _vice_versa_. That way they can resolve the zone from each
other.
If you want each instance to be able to resolve the zone within
*itself*, you may have to resort to having the instance listen on
multiple virtual interfaces and/or employ some sort of exotic
view-selection mechanism like TSIG keys.
- Kevin
More information about the bind-users
mailing list