One host serving both internal and external nameservice, which view should match-clients for the local host?

Todd Snyder tsnyder at rim.com
Mon Oct 25 19:00:54 UTC 2010


What I have done is add another IP to boxes with views, one per view (ie: 127.0.1.1/2/3/4).  Then put one of those ips in each view match statement.  When you do your dig, you tell it to source from a specific interface (dig -b 127.0.1.1 @localhost record.ext).  That will ensure that you can hit the view you want to hit, without any guess work.

YMMV.

Cheers,

Todd.

-----Original Message-----
From: bind-users-bounces+tsnyder=rim.com at lists.isc.org [mailto:bind-users-bounces+tsnyder=rim.com at lists.isc.org] On Behalf Of Stewart Dean
Sent: Monday, October 25, 2010 2:54 PM
To: bind-users at lists.isc.org
Subject: Q: One host serving both internal and external nameservice, which view should match-clients for the local host?

I have set up a nameserver as per pg 249 of DNS & Bind, 5th Ed.  The host is on 
two networks, serving the internal 10 based network as nsi at 10.5.0.5 with an 
internal view and the external network as nsx at 192.246.229.x with an external 
view.  Everything makes sense until I get to the match-clients definition. Using 
the example on 249, named will serve the internal addresses, and the external 
view match-clients { any; } will take everything else....including the local 
host 127.0.0.1.

That would seem to me to make it so the local host would be unable to resolve 
(for itself) internal addresses, forcing it to only be able to resolve external 
addresses for itself.

Is this as it should be?  Am I missing something?
-- 
"One must think like a hero to behave like a merely decent human being." - May 
Sarton Stewart Dean, Unix System Admin, Bard College, New York 12504 
sdean at bard.edu voice: 845-758-7475, fax: 845-758-7035

_______________________________________________
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.



More information about the bind-users mailing list