BIND9 Feature Request: inheritance-policy
JW λ John Woodworth
jw at pcthink.com
Thu May 27 22:35:30 UTC 2021
Thanks Tony!This is essentially what we do today. In fact, I was ecstatic when acl's were finally able to be used for all address match-lists.However, (and I realize this not a common use case) with over 150,000 zones -- some in multiple views, with different sets of rules (e.g., allow-query, etc.). Even with short 3-5 character acl's, repeating them every few lines will make the file grow...a lot, and I expect to be at around 250,000 zones fairly soon.I understand I could play hide-the-body and stuff the acl's into include file(s), but this level of duplication has bothered me for a while I and was hoping for something a little more elegant.Having said this, your suggestion holds true and is appreciated!Thanks,John
-------- Original message --------> From: Tony Finch <dot at dotat.at>> You can sort of do what you want already, by defining> named ACLs. ACLs can refer to named ACLs: you can> include a named ACL or exclude it.Tony.-- f.anthony.n.finch <dot at dotat.at> https://dotat.at/work to the benefit of all
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210527/601e3035/attachment.htm>
More information about the bind-users
mailing list