On 2016-03-07 22:17, Darcy Kevin (FCA) wrote:
Don't turn your DNS and/or network infrastructures into pretzels trying to get this "forwarding" or
"(reverse) proxying" to work. Ultimately, I expect you'll end up maintaining the records of
interest in both an internal and an external version of the subzone. Then the only question becomes to what
extent you can automate the "sync".
I'm not sure you answered my question. This was just a snapshot on the way to a
solution for my problem. I have a DNS server serving as master and slave
for some zones and forwarding for the internal network. I need to forward a single
zone from outside to the LAN as transparently as possible. Taking into account
my research and the other answer, it seems there is no way, even if I moved the
cache function onto a separate machine. The idea was to create a single-zone
view, but the matching rules won't allow this.
I'll get back to a simple configuration, reverting the "pretzel" model, and
investigate the possibility of getting a separate IP for calc.example.com so it
will be NATed in.
Anyway, thanks for your answer.
- Kevin
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Oto BREZINA
Sent: Friday, March 04, 2016 6:09 PM
To: [email protected]
Subject: forward only single zone
I have successfully set up a schizophrenic BIND-based DNS. It is version 9.9.5 running
on Ubuntu.
I have local zones:
serving the internal side.
public zones, master and slaves (served in the same way for internal and
external clients)
I need to create one subzone of a public zone which is served by another server.
This cannot be transferred. The server is located on the LAN.
Is there a way to set this up? I tried to set up views, but with no luck.
My setting right now is like:
view "local" {
    allow-query { internals; };
    match-clients { internals; };
    recursion yes;
    include "local zones";
    include "public zones";
    include "slave zones";
};
view "public" {
    allow-query { any; };
    match-clients { any; };
    recursion no;
    include "public zones"; // contains example.com with clue to same server
    include "slave zones";
};
I need to add
zone "calc.example.com" {
    type forward;
    forward only;
    forwarders { local_machine; };
};
Adding it to local won't let external clients get access, but it works from
internals. Adding it to public does not help; it returns only clues. Forward
only won't work as recursion is no. Adding another view, public2, seems to have no
effect.
I'm aware it is not a recommended setup, but even if I ran separate local and
public servers, I still have no idea how to not have an open DNS but forward a single
zone.
Please advise.
Oto
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
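
An added example, not part of the thread or written by either poster: one way to automate the "sync" Kevin describes, building the external copy of calc.example.com from the internal records of interest so the public view can answer authoritatively with recursion off. The record list, NAT table, serial and the name ns1.example.com. are constructed assumptions; internal addresses with no public mapping are never published.

```python
import ipaddress

# Assumed internal address space (RFC 1918); adjust to the real LAN ranges.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: records of interest from the internal copy of the subzone.
INTERNAL_RECORDS = [
    ("calc.example.com.", "A", "192.168.10.5"),
    ("www.calc.example.com.", "CNAME", "calc.example.com."),
    ("db.calc.example.com.", "A", "192.168.10.6"),
    ("admin.calc.example.com.", "CNAME", "db.calc.example.com."),
]
# Constructed NAT table: internal address -> public address (documentation range).
NAT_MAP = {"192.168.10.5": "203.0.113.5"}


def is_internal(rdata):
    addr = ipaddress.ip_address(rdata)
    return any(addr in net for net in INTERNAL_NETS)


def external_records(records, nat_map):
    """Split records into (published, skipped) for the external zone copy."""
    published, skipped = [], []
    for name, rtype, rdata in records:
        if rtype == "A" and is_internal(rdata):
            if rdata not in nat_map:          # no public mapping: never publish
                skipped.append((name, rtype, rdata))
                continue
            rdata = nat_map[rdata]            # publish the NATed address instead
        published.append((name, rtype, rdata))
    # Drop CNAMEs that would dangle because their target was skipped.
    gone = {name for name, _, _ in skipped}
    for rec in [r for r in published if r[1] == "CNAME" and r[2] in gone]:
        published.remove(rec)
        skipped.append(rec)
    return published, skipped


def render_zone(origin, serial, ns, records):
    """Render minimal master-file text for the external view's copy of the zone."""
    head = [f"$ORIGIN {origin}", "$TTL 300",
            f"@ IN SOA {ns} hostmaster.{origin} ( {serial} 3600 900 604800 300 )",
            f"@ IN NS {ns}"]
    body = [f"{name} IN {rtype} {rdata}" for name, rtype, rdata in records]
    return "\n".join(head + body) + "\n"
```

The skipped list is worth logging on every run, since it shows which internal names were held back from the public view.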