On Thursday 21 July 2005 02:25, Daniel Marsh wrote: > The only issue I foresee is having to have slightly different zone names > that you wish to serve for each IP range.
Not true. Zone *files*, yes. Because of the wonderfulness that is NAT, my
LAN's nameserver gives different answers based on whether the query comes
from the LAN or the Internet. My named.conf looks similar to:
view "private" {
match-clients {
!127.0.0.1;
!::1;
localhost;
"lan";
};
zone "honeypot.net" {
type master;
file "internal/db.honeypot.net";
};
};
view "public" {
match-clients { any };
zone "honeypot.net" {
type master;
file "external/db.honeypot.net";
};
};
Then, my zone files looks like:
internal/db.honeypot.net:
$INCLUDE ../common-stuff
www IN A 10.5.0.32
external/db.honeypot.net:
$INCLUDE ../common-stuff
www IN A 12.34.56.78
common-stuff:
@ IN SOA ...
www IN A 2001:470:1f01:224:1::2
and so on
So, the Internet and my LAN see mostly the same data, except for a few
records that get answered with different values.
--
Kirk Strauser
pgpDEh7WPyUP4.pgp
Description: PGP signature
