transfer with views

Gary Wallis wgg1970 at
Sat Jan 1 15:01:44 UTC 2011

Alan Clegg wrote:
> On 1/1/2011 9:15 AM, Gary Wallis wrote:
>> You will need to setup one virtual IP for each extra view.
> Not since very versions of BIND that are long-since EOL'd.  The FAQ goes
> into how to use TSIG keys to deal with "picking the right one".
>> This is what no one here addresses clearly and upfront:
>> The truth is that when you need N views, BIND transfer is a royal pain,
>> for almost all networks and IT departments.
> Setting up views correctly is not simple.  If you HAVE to do it, it's
> much easier to do it with BIND than it is to do it with alternative
> methods (in my opinion).
>> Think about it.
> Given choices, I think I'm in agreement with you:  I'd chose to not do
> views.
> Based on the posts here, the OP is going to do views.  The best thing to
> do is provide the best method of replicating those views to the machines
> that are providing slave services without using external applications.
> If it were me and I had no other choice than to use views, I'd get into
> the system and re-wire everything using BIND 9.7.2 and write a set of
> scripts that used "rndc addzone" and "rndc delzone" to control the
> master and all of the slaves, configure TSIG keys to manage zone
> transfers between hosts, etc.
>> Cheers!
> and Happy New Year!
> May 2011 be the best one before we all perish in the fires of whatever
> is going to happen in 2012!  :)
> AlanC
Much thanks! I will look into the TSIG key method for view transfers, 
and see if the very conservative (but that I am stuck with) CentOS BIND
version supports it.


More information about the bind-users mailing list