DNSSEC with views and shared zone files
Michael Richardson
mcr at sandelman.ca
Sat Oct 19 15:38:45 UTC 2024
Bowie Bailey via bind-users <bind-users at lists.isc.org> wrote:
> The first issue is that my server uses a few views to give different IPs
> based on which network the request comes from. I found that if I point the
> zones in the different views to the same key directory, there are no errors
> and all views return the same keys when I test with dig. So this appears to
> work. Are there any gotchas that might come up with this setup?
I'm not sure how you are doing these tailored replies if they all have the
same zone file. But, maybe a good idea would be to make the other views be
secondaries for the primary view? Then you would have no issues with
maintenance on zone files.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 511 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20241019/54882615/attachment.sig>
More information about the bind-users
mailing list