[prev in list] [next in list] [prev in thread] [next in thread]
List: bind-users
Subject: Re: I specify subject: split view, match-recursive-only,
From: "Konstantin V. Krotov" <kkv () insysnet ! ru>
Date: 2011-12-23 7:08:16
Message-ID: 4EF428E0.8020703 () insysnet ! ru
[Download RAW message or body]
21.12.2011 20:40, Chris Buxton пишет:
> No, that's not correct. You can use TSIG keys to differentiate between views, \
> without using separate interfaces.
I will try to
However, this will not solve the problem -- removing
match-recursive-only will solve the problem.
I need "match-recursive-only yes" in internal view options, i have
master zones in external view and without "match-recursive-only yes"
request from my internal clients to external zones not correctly.
>
> Regards,
> Chris Buxton
> BlueCat Networks
>
> On Dec 21, 2011, at 2:23 AM, Gelo wrote:
>
> > Hi,
> >
> > Maybe this can help you.
> >
> > First you need two network interfaces with diferent ip.
> >
> > At the internal view declaration add transfer-source 192.168.11.x; ( has to be \
> > different from your public/external)
> > In the zone statement, you must specify the private IP address of your slaves, at \
> > allow-transfer clause
> > I hope you worth something.
> >
> >
> > regards.
> > Gelo
> >
> > 2011/12/21 Konstantin V. Krotov<kkv@insysnet.ru>
> > 21.12.2011 13:54, Konstantin V. Krotov пишет:
> > Hello, list!
> > I have split view on my name-servers (master and slave), for internal
> > and external clients i have zone with similar names, but different content.
> > Part of config named.conf on master:
> >
> > view "internal" {
> > match-clients { myclients; };
> > recursion yes;
> > match-recursive-only yes;
> > allow-recursion { myclients; };
> > ...
> > zone "10.168.192.in-addr.arpa" {
> > type master;
> > file "10.168.192.in-addr.arpa.db";
> > allow-transfer {transfer_acl;};
> > allow-update {none;};
> > };
> > ...
> > }
> >
> > view "external" {
> > match-clients { "any"; };
> > recursion no;
> > ...
> > [here descriptions of zone]
> > }
> >
> > Well, then i have "match-recursive-only yes" directive in "internal"
> > view, slave name-server report: "zone
> > 10.168.192.in-addr.arpa/IN/internal: refresh: non-authoritative answer
> > from master xx.xx.136.2#53 (source xx.xx.140.26#0). If
> > match-recursive-only no, zone transfer to slave all right. There i have
> > wrong? Thx.
> >
> >
> > --
> > WBR, Konstantin V. Krotov
> > CJSs "Information Systems"
> > mailto: kkv@insysnet.ru
> > phone: +7 (8332) 51-35-95
> > _______________________________________________
> > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe \
> > from this list
> > bind-users mailing list
> > bind-users@lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
> >
> > _______________________________________________
> > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe \
> > from this list
> > bind-users mailing list
> > bind-users@lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
>
>
--
WBR, Konstantin V. Krotov
CJSs "Information Systems"
mailto: kkv@insysnet.ru
phone: +7 (8332) 51-35-95
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from \
this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic