Split DNS(view configuration)

Tony Finch dot at dotat.at
Tue May 20 11:46:12 UTC 2014


Techs_Maru <tecabu at gmail.com> wrote:
>
> The mastering server side cannot be touched as this assumption.

Ah, I missed that difficulty.

> It can solve what I wanted to do by forwarding the zone in the local.
> Method of sending notify to other view when source in zone forwarding
> origin is confirmed with client-match, and either view receives zone.
> However, how to configuration is not understood.

There are two options:

You can have one view that slaves the zone from the master, and the other
view slaves the zone from the first view.

Or you can have an authoritative view that slaves the zone from the
master, and a recursive view that has "static-stub" clauses to send
queries to the first zone. (But beware, there are bugs in older versions
of BIND if your zones are DNSSEC signed.)

view internal {
        match-clients{ XXX.XXX.XXX.XXX; };
	match-recursive-only yes;
        recursion yes;
        zone hoge.com {
                type static-stub;
                server-addresses { 127.0.0.1; };
        };
};

view external {
        match-clients{ YYY.YYY.YYY.YYY; };
        recursion no;
        zone hoge.com {
                type slave;
                masters { AAA.AAA.AAA.AAA; };
                file "hoge.zone_slave";
        };
};

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Fair Isle: Southeasterly 4 or 5 in east, northerly 5 to 7 in west, perhaps
gale 8 later. Slight or moderate in east, moderate becoming rough or very
rough in west. Fog patches, rain or thundery showers. Moderate, occasionally
very poor.


More information about the bind-users mailing list