[ale] BIND split view on secondary/slave server

Lightner, Jeff jlightner at water.com
Thu Jan 27 11:08:12 EST 2011


I've done the split views on master/slave but haven't tried setting up
so that only the slave has the split.

To use split views on both master and slave I left my original IPs
(internal and external since it is a DMZ host) then added virtual IPs on
the same NICs.  This is because you have to use separate IPs for each
view to allow the transfer from slave to master.

However, since the split is defined in the named.conf and the
designation of slave zone is also defined in named.conf on the slave it
seems you should be able to set up separate views that way so long as
you are updating the special view zones on the slave rather than trying
to transfer them.  (If you want to transfer then you WILL have to set up
on the master but you ought to be able to tell the master that everyone
sees your default view and only set up the special view to allow for
transfer.)


-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of
Michael B. Trausch
Sent: Thursday, January 27, 2011 10:44 AM
To: ale
Subject: [ale] BIND split view on secondary/slave server

Hi,

I am still going through the BIND documentation on how to accomplish
this, but this might be faster if someone has done it.

I have two DNS servers that both handle several (identical) zones.
However, there are special requirements on the slave server, in that it
needs to return RFC 1918 addresses for certain network things (actually,
only one particular entry at the moment).  I have fired djbdns on my
master DNS server, but I have yet to drop it in at the secondary because
the secondary is the one that requires the split-horizon.

What I am trying to figure out is if it is possible to manage this
centrally at the master.  It looks like what I might need to do is have
an alternative zone file, say "db.internal.<zone_name>", and have that
be present on both the master and the slave.  Then have a view defined
on the slave server such that it serves up db.internal.<zone_name>
instead of db.<zone_name> when queries come from the internal network.

It doesn't look like such views can be part of the AXFR transferred
zones themselves.

Am I right on all of this, or is there perhaps something I have missed
(or not yet read in the BIND documentation, which I have on my Kindle
and I am reading through, sequentially)?

	Thanks,
	Mike
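
The arrangement described in the reply (an internal view maintained locally on the slave, with the public zone still transferred from the master), sketched as a named.conf fragment. This is an added example, not part of the original thread; the zone name example.com, the master address 192.0.2.1, the 10.0.0.0/8 internal range and the file paths are assumptions.

```conf
// Constructed named.conf fragment for the SLAVE server only.
// Assumed values: zone example.com, master at 192.0.2.1,
// internal clients in 10.0.0.0/8, Debian-style file locations.

acl internal-nets { 10.0.0.0/8; 127.0.0.1; };

// Views are tried in order, so the restrictive one comes first.
// Once any view is defined, every zone must live inside a view.

// Internal view: the zone is edited by hand on this server, so it is
// declared "master" here and is never fetched by AXFR.
view "internal" {
    match-clients { internal-nets; };
    zone "example.com" {
        type master;
        file "/etc/bind/db.internal.example.com";  // holds the RFC 1918 records
        allow-transfer { none; };                  // keep internal data local
    };
};

// External view: all other clients get the copy transferred from the master.
// 192.0.2.1 is outside internal-nets, so NOTIFY messages from the master
// are matched by this view and refresh the right copy of the zone.
view "external" {
    match-clients { any; };
    zone "example.com" {
        type slave;
        masters { 192.0.2.1; };
        file "db.example.com";
        allow-transfer { none; };
    };
};
```

Running named-checkconf against the file catches a zone left outside a view before named is reloaded.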
 


