Views and no answers ...
Thomas Schweikle
tps at vr-web.de
Sat Jun 18 04:08:51 UTC 2011
Hi!
I have set up a view for one site. It is bound to change answers as
necessary for different IP-ranges. It works as far as I could see.
But with one ip-range there is a problem ...
I can query internal addresses:
!user at kvm2~# host intweb.example.de
!intweb.example.de has address 192.168.180.46
But external ones do not work:
!user at kvm2:~# host google.com
!user at kvm2:~#
The host I am trying on has address 192.168.112.4 and I've set up my
view as:
!view "ex" {
! match-clients { 192.168.112.0/23; };
! recursion yes;
!
! include "/etc/named/master/rootns.conf";
! include "/etc/named/master/localhost.conf";
! include "/etc/named/master/empty.conf";
!
! zone "example.de." {
! type master;
! allow-transfer { key "mskey"; };
! notify no;
! file "/etc/named/zhz/fwd.example";
! };
! zone "mgm.example.de." {
! type master;
! allow-transfer { key "mskey"; };
! notify no;
! file "/etc/named/zin/fwd.example.mgm";
! };
!
! zone "1.168.192.in-addr.arpa." {
! type master;
! allow-transfer { key "mskey"; };
! notify no;
! file "/etc/named/zin/rev.192.168.1";
! };
! zone "112.168.192.in-addr.arpa." {
! type master;
! allow-transfer { key "mskey"; };
! notify no;
! file "/etc/named/zin/rev.192.168.112";
! };
! zone "113.168.192.in-addr.arpa." {
! type master;
! allow-transfer { key "mskey"; };
! notify no;
! file "/etc/named/zin/rev.192.168.113";
! };
! zone "180.168.192.in-addr.arpa." {
! type master;
! allow-transfer { key "mskey"; };
! notify no;
! file "/etc/named/zin/rev.192.168.180";
! };
! zone "181.168.192.in-addr.arpa." {
! type master;
! allow-transfer { key "mskey"; };
! notify no;
! file "/etc/named/zin/rev.192.168.181";
! };
!
! zone "hz.example.de." {
! type master;
! allow-transfer { key "mskey"; };
! file "/var/lib/named/fwd.example.hz";
! allow-update { key "examplekey"; };
! };
! zone "in.example.de." {
! type master;
! allow-transfer { key "mskey"; };
! file "/var/lib/named/fwd.example.in";
! allow-update { key "examplekey"; };
! };
! zone "no.example.de." {
! type master;
! allow-transfer { key "mskey"; };
! file "/var/lib/named/fwd.example.no";
! allow-update { key "examplekey"; };
! };
!
! zone "1.168.192.in-dyn.arpa." {
! type master;
! allow-transfer { key "mskey"; };
! file "/var/lib/named/rev.192.168.1";
! allow-update { key "examplekey"; };
! };
! zone "112.168.192.in-dyn.arpa." {
! type master;
! allow-transfer { key "mskey"; };
! file "/var/lib/named/rev.192.168.112";
! allow-update { key "examplekey"; };
! };
! zone "113.168.192.in-dyn.arpa." {
! type master;
! allow-transfer { key "mskey"; };
! file "/var/lib/named/rev.192.168.113";
! allow-update { key "examplekey"; };
! };
! zone "180.168.192.in-dyn.arpa." {
! type master;
! allow-transfer { key "mskey"; };
! file "/var/lib/named/rev.192.168.180";
! allow-update { key "examplekey"; };
! };
! zone "181.168.192.in-dyn.arpa." {
! type master;
! allow-transfer { key "mskey"; };
! file "/var/lib/named/rev.192.168.181";
! allow-update { key "examplekey"; };
! };
!};
Any idea why the server resolves internal names, but no external
ones to this view, while it does answer internal and external names
to an other view (same setup, only a different "view"-line)?
!view "no" {
! match-clients { 127.0.0.1/8; 192.168.180.0/23; };
! recursion yes;
![... same as above ...]
I've set up query logging, but this just tells me queries are
correctly processed. But not why no answer was sent.
--
Thomas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 219 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110618/0c76b11d/attachment.bin>
More information about the bind-users
mailing list