Fred Morris <m3...@m3047.net> wrote: > > Didn't see any reason that it had to be separate instances of BIND, > thought maybe I could do it with views, but I've run into a couple of > roadblocks: > > 1. listen-on isn't supported in views.
Right, listen-on is for the server as a whole. To control which view is used to answer a query based on the server address, use the `match-destinations` option. For details see https://bind9.readthedocs.io/en/v9_16_23/reference.html#view-statement-grammar > 2. internet wisdom augurs that response-policy isn't supported either. Don't believe everything you read on the internet :-) Yes, you can have different RPZ configurations in different views. Another trick that's useful for the kind of setup you are planning is to use the `attach-cache` option so that your views can share the same cache. This improves performance and reduces memory usage. It still works with differing RPZ policies because RPZ only affects the responses sent to clients; RPZ doesn't change how recursion works or what records are saved in the cache. Tony. -- f.anthony.n.finch <d...@dotat.at> https://dotat.at/ Fair Isle, Faeroes: Westerly or southwesterly 7 to severe gale 9, occasionally storm 10 for a time in Faeroes, decreasing 5 to 7 later. Rough or very rough, becoming high for a time. Occasional rain. Moderate, occasionally poor. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users