Hi Bruce, Unbound is primarily a caching server, and even though it does support local zones, that is not its main purpose. Bind (and other dns servers) allows a server to be both recursive and authoritative, but it is not really a clean way of operating (IMHO).
If you want a public server, it should only expose public authoritative information. Internally, you should separate recursive and authoritative services, using unbound only as a recursive server, using a stub zone to refer to internal authoritative information, which could be in an internal view on the same server as the public authoritative information. If you only have a handful of RRs for the internal zone, you could use unbound's local zone, but I think it would be more convenient to manage all the authoritative data in one location, rather than two. If you have to run them on the same server, you should make unbound only respond to an internal interface; the authoritative server should only respond to an external interface, using the internal view if a request comes from the server host itself. Just my two cents, Jan -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Hayward, Bruce Sent: Thursday, October 21, 2010 9:33 AM To: [email protected] Subject: [Unbound-users] Unbound and Bind Views One area of Bind that we use is views to direct traffic. Before we can switch to Unbound, we would need a means of emulating views. In researching this (on Google) I came across a thread discussing this: http://www.mail-archive.com/[email protected]/msg00337.html Has anyone documented steps to accomplish this? Thanks Bruce Bruce Hayward, MTS Allstream Inc., (p) 204-958-1983 (e) [email protected] Is it really necessary to print this email? MTS ALLSTREAM INC. CONFIDENTIALITY WARNING: This email message is confidential and intended only for the named recipient(s). If you are not the intended recipient, or an agent responsible for delivering it to the intended recipient, or if this message has been sent to you in error, you are hereby notified that any review, use, dissemination, distribution or copying of this message or its contents is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete the original message. If there is an agreement attached with this message, such agreement will not be binding until it is signed by all parties named therein. _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
