Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Well, I've only set it up on a test box and that was a while ago. But,
I think (and this is all from memory, someone who has the docs handy
might be able to clarify) you declare a views section. Part of it
includes an address match. Then you declare the zone and where to find
the file. So the zone must be declared in each view. Seperate zone
files too.
That's just off the top of my head reaching back about 6 months.
Nimrod
On Mon, Feb 11, 2002 at 06:00:31PM -0500, Rick Buford wrote:
> heya Nimrod =)
> I'm pretty fuzzy on the views option. Can you make up your own classes? Or
> are we talking more about specifying only allowing e.g.NS records to return?
>
> Rick
> "I'm not sure which upsets me more: that people are so unwilling
> to accept responsibility for their own actions, or that they are
> so eager to regulate everyone else's." -- Kee Hinckley
>
> >-----Original Message-----
> >From: Nimrod Levy [mailto:EMAIL:PROTECTED]
> >Sent: Monday, February 11, 2002 4:05 PM
> >To: EMAIL:PROTECTED
> >Subject: Re: [MLUG] DNS question
> >
> >
> >This is a pretty classic problem that I've faced before. One solution
> >is to run seperate DNS servers. One for external, one internal.
> >An added wrinkle is when you have laptops that migrate from internal to
> >external. That can be circumvented with DHCP internaly. Then there's
> >the issue of what happens when you establish a VPN, is the laptop
> >internal or external? Makes your head want to explode.
> >
> >The most elegant solution by far that I've come up with is using Bind
> >9's views feature. It lets you serve a different zone file
> >for the same
> >zone based on the souce of the request. You still have multiple zone
> >files, but they're in one place now.
> >
> >I'm interested in any other solutions myself.
> >
> >Nimrod
> >
> >On Mon, Feb 11, 2002 at 01:37:19PM -0600, yoda wrote:
> >> Hullo. I was wondering about how the search line in /etc/resolv.conf
> >> works. I was under the impression it searched what was in
> >there first,
> >> before trying just the exact name.
> >>
> >> For example:
> >> if resolv.conf reads:
> >> search foo.bar
> >> nameserver 127.0.0.1
> >>
> >> and I tried:
> >> ping www.kernel.org
> >>
> >> I was under the impression it'd try
> >> www.kernel.org.foo.bar
> >> and then
> >> www.kernel.org
> >>
> >> I wanted to change this behaviour because our (masq'ing)
> >firewall forwards
> >> port 80 to an internal machine, and it seems not to work
> >when an internal
> >> machine attempts to connect to the external ip of the firewall.
> >>
> >> I added an alias for tinydns, but when I ping, it still
> >comes back from
> >> the external ip of the firewall.
> >>
> >> If anyone knows why or (even better) knows a better way of fixing the
> >> port forwarding+masq'ing problem, I'd appreciate the help.
> >>
> >> --
> >> To unsubscribe, go to http://mlug.missouri.edu/members/edit.php
> >>
> >> Archives are available at http://mlug.missouri.edu/list-archives/
> >--
> >To unsubscribe, go to http://mlug.missouri.edu/members/edit.php
> >
> >Archives are available at http://mlug.missouri.edu/list-archives/
> >
> --
> To unsubscribe, go to http://mlug.missouri.edu/members/edit.php
>
> Archives are available at http://mlug.missouri.edu/list-archives/
--
To unsubscribe, go to http://mlug.missouri.edu/members/edit.php
Archives are available at http://mlug.missouri.edu/list-archives/
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact