Re: DNS zone for internal net
On Sat Apr 26, 2003 at 03:58:11PM -0500, Will Yardley wrote:
> In article <20030426150006$651e@gated-at.bofh.it>, moseley@hank.org wrote:
>
> > I'm running Bind9 on the machine that is doing NAT for the internal LAN. It
> > provides public DNS lookups for my public machines. Of course I don't want
> > to add private IPs to the zone that lists the public IPs.
> You want to use views.
Ok, thanks.
So it seems if I do use views then I need to place *all* my zones inside views?
So like your root zone below, I'll need to list zones that are not different for internal
and external networks in both views?
It would be nice if zones outside the view were used if a specific view was not found.
> acl internal { 127.0.0.0/8; 192.168.168.0/23; };
> acl dmz { 64.174.220.40/29; };
> options {
> [....]
> };
> view "inside" {
> match-clients { internal; dmz; };
> recursion yes;
>
> zone "veggiechinese.net" {
> type master;
> file "internal/veggiechinese.net";
> allow-transfer { internal; dmz; };
> };
>
> zone "168.168.192.in-addr.arpa" {
> type master;
> file "internal/168.168.192.in-addr.arpa";
> allow-transfer { internal; dmz; };
> };
>
> zone "." {
> type hint;
> file "named.root";
> };
> [ snip other inside views ]
> };
>
> view "outside" {
> match-clients { any; };
> recursion no;
> zone "veggiechinese.net" {
> type master;
> file "external/veggiechinese.net";
> };
>
> zone "." {
> type hint;
> file "named.root";
> };
> [....]
> ];
>
> --
> No copies, please.
> To reply privately, simply reply; don't remove anything.
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: