DNS resolution based on source network

Kevin Darcy kcd at chrysler.com
Mon Sep 27 23:38:29 UTC 2010

Under certain limited circumstances, it might make more sense to put 
both/all addresses under the same name, and then use the "sortlist" 
mechanism to present those addresses in an order which is suitable for 
particular clients.

Among other things, this requires that all resolver/nameserver configs 
be configured with the same sortlist configs, that there is no local 
randomization or re-sorting of the address list, and that there are no 
negative consequences for the client or the client software to connect 
to the "wrong" address if the preferred one happens to be unavailable.

"View"s are fine, but historically they're a fairly heavyweight solution 
for this class of requirement, because all relevant zones need to be 
defined multiply and this is difficult to maintain and consumes extra 
memory/CPU resources. The new (9.7.x?) "attach-cache" feature addresses 
the resource issue somewhat, but still doesn't obviate 
parallel/overlapping zone definitions and associated setup/maintenance. 
With sortlisting, all your zone definitions stay the same, you just need 
to create the round-robin entries and define the appropriate address 
ranges in your "sortlist" and/or "acl"s clauses.

- Kevin

On 9/27/2010 9:00 AM, Thomas Elsgaard wrote:
> Hello
> Is it possible with BIND, to resolve the same name (like test.gl) to
> different IP's based on the source network of the request?
> Here is an example
> A machine in network is contacting DNS to lookup
> "test.gl", DNS returns ->
> A machine in network is contacting DNS to lookup
> "test.gl", DNS returns ->
> Thomas
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

More information about the bind-users mailing list