I had something similar a while back. view 1 { include external tables include common tables }
view 2 { include internal tables include common tables } Read that as tables for ONLY-internal or ONLY-external view. I define each entry exactly once, also pushing stuff off to the common include means I don't have to have two entries for the same machine (one per view). On Wed, Apr 09, 2014 at 08:37:20AM +0100, Mike Meredith wrote: > Hi! > > Using BIND 9.9 here ... > > I have a collection of secondaries with various zone masters (the > majority BIND, some ActiveDirectory). Some of the secondary DNS servers > are for internal use only; some are externally visible, but all are > configured with a common configuration file. > > I have a need to make _some_ zones visible only internally with an > alternate zone visible externally. But the overwhelming majority of the > zones remain as they are. I guess you could call this "partial > split-view". > > I can do this in either of two rather inconvenient ways ... either I > split the configuration of the secondaries with the externally visible > ones configured differently to the internal ones, or I create two views > ("internal" and "external") with the overwhelming majority of the zones > defined twice. > > Neither option seems appealing. > > What I've also tried is to create three views with configurations > like :- > > view "default" { > match-clients { any; }; > recursion no; > > /* The majority of the zones */ > }; > > view "internal" { > match-clients { internal; }; > recursion yes; > > /* The internal zones */ > }; > > view "external" { > match-clients { external; }; > recursion no; > > /* The external zones */ > }; > > ... so that if a client matches multiple views, it tries each in turn. > However that doesn't seem to work, and the documentation implies that > it won't. > > Am I missing something obvious? Such as it should work, but I've > somehow messed up? Or perhaps there's some option I've missed? Or am I > out of luck? > > -- > Mike Meredith, University of Portsmouth > Principal Systems Engineer, Hostmaster, Security, and Timelord! > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users --- Brian R Cuttler brian.cutt...@wadsworth.org Computer Systems Support (v) 518 486-1697 Wadsworth Center (f) 518 473-6384 NYS Department of Health Help Desk 518 473-0773 _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users