<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div class=""><br class="">
</div>
Dear All,
<div class=""><br class="">
</div>
<div class="">I have a strange behaviour which I can’t explain. So I am asking for help. </div>
<div class="">In my named.conf I have two views. One view is called „intern“ ( German internally ) and the other is called „fueralle“ ( German "for everyone" ) </div>
<div class="">In the internal view I have a <span style="font-family: Menlo; font-size: 13px;" class="">response-policy</span> with two zones, a „drop“ zone and a „passthru“ zone where I rewrite some IP addresses for internal use. The "match-clients“ definition
is defined with „lokal“ which is the local IPv4 address range <span style="font-family: Menlo; font-size: 13px;" class="">192.168.0.0/16</span><span style="font-family: Menlo; font-size: 13px;" class=""> </span> and the public IPv6 address but no loopback,
either IPv6 or IPv4. </div>
<div class="">The "for everyone“ zone has everything else. It has the domain name as master and some others as slave and also <span style="font-family: Menlo; font-size: 13px;" class="">"168.192.IN-ADDR.ARPA</span><font face="Menlo" size="2" class="">“</font> ;
match-clients is defined with „any“</div>
<div class="">The server is physically located in network 192.168.0.0 and reachable from the world via NAT and has also a public available IPv6 address. </div>
<div class=""><br class="">
</div>
<div class="">Now the behaviour is the following: When I query from the local IPv6 or IPv4 network with „dig -x“ for an IP address I get back „<span style="font-family: Menlo; font-size: 13px;" class="">status: NXDOMAIN</span>“ </div>
<div class="">But when I do the same on the server itself using the loopback addresses for IPv6 or IPv4 it works fine. It also works, if the query comes from the Internet over IPv4 with NAT or with the public IPv6 address. If I query „normal forward“ for an
IP with a given name then it works in any case and from every location. This is interesting because the reverse lookup zone and the normal forward zone are both in the same view „fueralle“.</div>
<div class=""><br class="">
</div>
<div class="">If I remove the views it works as I would expect. </div>
<div class=""><br class="">
</div>
<div class="">I am using <span style="font-family: Menlo; font-size: 13px;" class="">BIND 9.16.16 (Stable Release) <id:0c314d8> </span><span style="font-family: Menlo; font-size: 13px;" class="">running on Linux x86_64 4.19.0-16-amd64 </span></div>
<div class=""><br class="">
</div>
<div class="">Any help is welcome. </div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">Kind regards </div>
<div class="">Hans</div>
<div class=""><br class="">
<div class="">
<div dir="auto" style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div dir="auto" style="caret-color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div dir="auto" style="caret-color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div dir="auto" style="caret-color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div dir="auto" style="caret-color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div dir="auto" style="caret-color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="color: rgb(0, 0, 0);"><font color="#40bbff" class=""><i class="">--<br class="">
<br class="">
Ing. Dipl.-Ing. Hans Mayer<br class="">
Systems Analyst</i></font></div>
<div style="color: rgb(0, 0, 0);"><font color="#40bbff" class=""><i class="">Network Unix Security Team (NUST) <br class="">
Information and Communication Technologies (ICT)<br class="">
<br class="">
International Institute for Applied Systems Analysis (IIASA)<br class="">
Schlossplatz 1<br class="">
A-2361 Laxenburg, Austria<br class="">
Phone: +43 2236 807 Ext 215<br class="">
Mobile: +43 676 83 807 215<br class="">
Web: <a href="http://www.iiasa.ac.at" class="">http://www.iiasa.ac.at</a></i></font></div>
<div style="color: rgb(0, 0, 0);"><font color="#40bbff" class=""><i class=""><a href="mailto:hans.mayer@iiasa.at" class="">E-Mail: hans.mayer@iiasa.at</a></i></font></div>
<div style="color: rgb(0, 0, 0);"><font color="#40bbff" class=""><i class=""><br class="">
</i></font></div>
<div><i class=""><font color="#a4adff" class="">Note: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. </font></i></div>
<div style="color: rgb(0, 0, 0);"><br class="">
</div>
</div>
</div>
</div>
</div>
</div>
<br class="Apple-interchange-newline">
</div>
<br class="Apple-interchange-newline">
<br class="Apple-interchange-newline">
</div>
<div><br class="">
<blockquote type="cite" class="">
<div class="">On 01.06.2021, at 17:31, Anand Buddhdev <<a href="mailto:anandb@ripe.net" class="">anandb@ripe.net</a>> wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<div class="">On 01/06/2021 17:18, Cuttler, Brian R (HEALTH) via bind-users wrote:<br class="">
<br class="">
Hi Brian,<br class="">
<br class="">
<blockquote type="cite" class="">From what I'm reading I should be sending a notify from the primary<br class="">
to the secondary when a dynamic zone is updated but I don't seem to be<br class="">
doing that.<br class="">
<br class="">
Would someone please point me to the option I'm missing to do so?<br class="">
I've either completely missed it, mis-understood what I read or am going in<br class="">
the wrong direction.<br class="">
</blockquote>
<br class="">
You need an "also-notify" option for that zone. Read more about this in<br class="">
the BIND documentation:<br class="">
<br class="">
<a href="https://bind9.readthedocs.io/en/v9_16_16/reference.html#zone-transfers" class="">https://bind9.readthedocs.io/en/v9_16_16/reference.html#zone-transfers</a><br class="">
<br class="">
While this documentation refers to the latest stable version of BIND, it<br class="">
should still apply to the older version you're using.<br class="">
<br class="">
Regards,<br class="">
Anand<br class="">
_______________________________________________<br class="">
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list<br class="">
<br class="">
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.<br class="">
<br class="">
<br class="">
bind-users mailing list<br class="">
bind-users@lists.isc.org<br class="">
https://lists.isc.org/mailman/listinfo/bind-users<br class="">
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
</body>
</html>