How can create in DNS BIND9 view and zones for DMZ with 3 Interfaces (eth0, eth1, eth2)

Darcy Kevin (FCA) kevin.darcy at fcagroup.com
Fri Aug 14 22:09:01 UTC 2015


Not sure what you're trying to accomplish. Unless you're doing something complicated that requires special configuration, named will listen on all of your interfaces (which possibly you may *not* want, depending on the topology of your network and your security policies), and will use, potentially, any or all interfaces for queries that it generates (subject to the routing configuration of the OS on which it runs). So there's nothing special you need to do, in terms of named configuration, just because a box is multi-homed.

If you mean reverse zones for those address ranges, since they are distinct from each other -- not even in a common /8 -- then you could just set up separate reverse zones for each range. You don't need "views" for that. "Views" are only if you want to "virtualize" your DNS database, i.e. give different answers to different sets of clients (typically just "internal" versus "external", but more complex variations are possible) for the *same* names or zones. E.g. foo.example.com resolves to 192.0.2.1 for internal clients, but resolves to 198.51.100.1, or returns NXDOMAIN, to external clients.

- Kevin

P.S. I think you meant 172.16.1.1 instead of 172.1.1.1, since 172.1.1.1 is *not* in a private (RFC 1918) range. If you meant only to give *example* addresses, you really shouldn't be using RFC 1918 addresses at all. Use the ones defined in RFC 5737 instead (as I have done).

-----Original Message-----
From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Int
Sent: Friday, August 14, 2015 6:34 PM
To: bind-users at lists.isc.org
Subject: How can create in DNS BIND9 view and zones for DMZ with 3 Interfaces (eth0, eth1, eth2)
Importance: High

How can I create views and zones in DNS BIND9 for a DMZ with 3 interfaces (eth0, eth1, eth2)?
 
Example for:
 eth0:net: 172.1.1.1
 eth2:DMZ: (Servers BIND9 DNS, FTP, WWW, mail) :192.168.0.1
 eth1:local: 10.2.2.1
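A named.conf sketch of the points made in the reply above, added here as an illustration and not taken from the thread or from ISC: restricting `listen-on` on a multi-homed host, separate reverse zones per range, and an internal/external view pair that answers differently for the same name. The ACL name, listener addresses, directory and zone file paths are assumptions, and all addresses are RFC 5737 documentation ranges rather than the poster's networks.

```bind
// Added example; ACL name, listener addresses and file paths are assumptions.
// All addresses are RFC 5737 documentation ranges.
acl "internal-nets" { 192.0.2.0/24; 203.0.113.0/24; localhost; };

options {
    directory "/var/named";
    // named listens on every interface by default; list only the
    // addresses that should accept queries on a multi-homed host.
    listen-on { 127.0.0.1; 192.0.2.53; 198.51.100.53; };
    listen-on-v6 { none; };
};

// Views are tried in order; a client gets the first view it matches.
view "internal" {
    match-clients { "internal-nets"; };
    recursion yes;
    allow-recursion { "internal-nets"; };

    zone "example.com" {
        type master;
        file "internal/example.com.zone";   // holds: foo IN A 192.0.2.1
    };
    // Distinct ranges get distinct reverse zones. Views are not what makes
    // this work, but once any view exists every zone must sit inside one.
    zone "2.0.192.in-addr.arpa" {
        type master;
        file "internal/192.0.2.rev";
    };
    zone "113.0.203.in-addr.arpa" {
        type master;
        file "internal/203.0.113.rev";
    };
};

view "external" {
    match-clients { any; };
    recursion no;                            // authoritative answers only

    zone "example.com" {
        type master;
        file "external/example.com.zone";   // holds: foo IN A 198.51.100.1
    };
    zone "100.51.198.in-addr.arpa" {
        type master;
        file "external/198.51.100.rev";
    };
};
```

`named-checkconf` will validate the syntax of a file like this before it is loaded.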