Hi list, I am facing a problem internal/external views, I will do my best to describe it:
An internal host needs to nsupdate an external view using a key, but cannot because it is part of the internal ip range, at least that is what I think. The acutal use is for Letsencrypt certs. Is there a way do this witjh views or should I use another form of access control? The host sending the update needs to be part of "internals" to be able to lookup general names of course. I suppose I could use allow-query and others instead? acl internals { 192.168.1.0/24; }; view "internal" { zone "internal.example.com" { recursion yes; type slave; file "slave/db.internal.example.com"; masters { 192.168.1.1; }; }; }; view "external" { match-clients { any; }; recursion no; allow-transfer { slaves; }; zone "example.com" { type master; file "dynamic/db.example.com"; allow-update { key rndc-key; }; }; }; Thanks, //per _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users