Bind and views
/dev/rob0
rob0 at gmx.co.uk
Wed Oct 7 15:24:19 UTC 2015
On Wed, Oct 07, 2015 at 11:35:11AM +0200, Marco Felettigh wrote:
> i have server with an old Bind (bind-9.9.4P2) and is configured
> with multiple views.
>
> ViewA that has slave zones and accept query for
> match-destinations IpA ViewB that has others slave zones and
> accept query for match-destinations IpB
>
> ViewDefault that is the a default configuration for root zones
> etc. and accept query for match-destinations IpDefault.
>
> view "ViewA" {
> match-destinations { IpA; };
"dig @IpA pippo.it." hits this view.
> transfer-source IpA;
> allow-query { any; };
> recursion no;
>
> zone pippo.it .....
>
> };
>
> view "ViewB" {
> match-destinations { IpB; };
"dig @IpB pippo.it." hits this view.
> transfer-source IpB;
> allow-query { any; };
> recursion no;
> zone.....
> };
>
>
> When from the server i run for example:
> dig hosta.pippo.it
>
> dig contact my resolv.conf nameserver (127.0.0.1) on port 53 but
> the Bind's resolver contact root servers and come down all the
> dns chain like Bind do not has the pippo.it zone in the ViewA.
Where is destination 127.0.0.1 matched?
> Of corse if i run
> dig hosta.pippo.it @IpA
> all is working properly.
>
> Is it possible to force the Bind's resolver
Do you mean dig, or named's internal resolver code?
> to lookup in all the views ?
Do you mean in a single query? No, only one view can be hit per
query.
The point of views is to have different answers depending on who's
asking, or in your case, where they ask. If the answers differ,
which one's the right one?
If you want to share a zone in more than one view, do as Mark
suggested: upgrade to 9.10.3 and use "in-view". You probably ought
to consider upgrading anyway, because of recent security patches.
> Important: i need the views binded to differents ips.
--
http://rob0.nodns4.us/
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
More information about the bind-users
mailing list