On 22/10/12 9:32, Stefan Midjich wrote:
I want to have an exception for certain zones that also exist in my
main wan view.
So I created an acl for the network that needs the exception.
acl OtherNetwork {
10.0.2.192/28 http://10.0.2.192/28;
};
Then I made this block.
view OtherNetwork
From the Bind ARM
6.2.24view Statement Definition and Usage
The view statement is a powerful feature of BIND 9 that lets a name
server answer a DNS query differ- ently depending on who is asking. It
is particularly useful for implementing split DNS setups without having
to run multiple servers.
Thank you Sten, that's a great explanation. I had already read the ARM but
the ARM did not explain why it seemed to work at my home.
I will check tcpdump to investigate further but I believe you're on to
something.
2012/10/22 Sten Carlsen st...@s-carlsen.dk
From the Bind ARM
6.2.24 view
Kevin:
So I think you separated services and updated Bind statically, sorry If my
brevity description of your design is incorrect. Did you try or have any
success or difficulties of having Bind as master and AD resolve directly to it
as well as everyone else?
Thanks for the feed back and the
Michael, much appreciation for the feed back from our west coast Berkeley!
You wouldn't know or have a copy of that Gartner paper would you??
Best,
Aaron
-
Aaron Thompson
Network Architect for IT Operations
Berklee College of Music
1140 Boylston Street, MS-186-NETT
Boston, MA
Nicholas,
Are you using AD or Bind for DNS/DHCP? I'm assuming your using AD for
authentication.
Thanks for the feed back and input on the survey!
Survey Request: Active Directory with ISC Bind and DHCPD
http://www.surveymonkey.com/s/2VYNKW
-
Aaron Thompson
Network Architect for IT Operations
Hi Carsten,
Thanks for the feedback, a top notch summary!
I have little experience in the AD arena for DNS/DHCP. Without being a too
loaded question, with your experience is it possible or common to have a very
knowledgeable understanding of the performance and health of an AD system
similar
We use Bind for all DNS including DDNS for our AD. We use GSS-TSIG to control
what record types and machines can make dynamic updates to our AD zone. We use
ISC's DHCP but don't allow it to do DNS updates since we use GSS-TSIG at the
client level instead.
8 matches
Mail list logo