On Nov 22, 2009, at 1:49 AM, Chris Hills wrote:
> Hi
> 
> I have a zone "example.com" configured in two views, internal-in and 
> external-in. I have a dynamic zone "dyn.example.com" configured only as an 
> external zone. Internal clients can look up hosts in dyn.example.com, but 
> cannot update ("not authorised") as the updates are matched by the zone 
> internal-in and not forwarded. Is it possible for bind to forward the updates 
> from the internal-in zone to the external-in zone? I want to avoid having to 
> have 2 dynamic zones (faq node/291) for simplicity of configuration.
> 
> The configuration is like so (note local-networks does /not/ include ::1 to 
> allow recursive queries from internal-in to external-in):-
> 
> view "internal-in" IN {
>  match-clients { local-networks; };
>  allow-recursion { local-networks; };
>  forwarders { ::1; };
> 
>  zone "example.com." {
>    type master;
>    file "master/example.com.internal.zone";
>  };
>  zone "dyn.example.com." {
>    type forward;
>    forward only;
>    forwarders { ::1; };
>  };
> };

Change the zone from type forward to type slave, and add 
allow-update-forwarding.

zone "dyn.example.com." {
        type slave;
        masters { ::1; };
        allow-update-forwarding { local-networks; };
};

Then in the external-in view, change allow-update to:

        allow-update { ::1; };

Chris Buxton
Professional Services
Men & Mice

_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
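
The reply's two changes assembled into one named.conf fragment, as an added example that is not part of the original thread. The acl addresses, the external-in view's match-clients line and the dyn.example.com file paths are assumptions, since the thread does not show them.

```conf
// Added example, not from the thread. Values marked "assumed" or
// "constructed" do not appear in the original messages.

// Constructed documentation prefixes; ::1 is deliberately absent so that
// traffic from the internal view to ::1 is matched by external-in.
acl "local-networks" { 192.0.2.0/24; 2001:db8::/32; };

view "internal-in" IN {
    match-clients { local-networks; };
    allow-recursion { local-networks; };
    forwarders { ::1; };

    zone "example.com." {
        type master;
        file "master/example.com.internal.zone";
    };

    // Was "type forward": a forward zone answers queries but has nowhere
    // to send a dynamic update, hence the refusal seen by internal clients.
    zone "dyn.example.com." {
        type slave;
        masters { ::1; };                          // transfers from external-in
        file "slave/dyn.example.com.zone";         // assumed path
        // Only these clients get their updates relayed to the master.
        allow-update-forwarding { local-networks; };
    };
};

view "external-in" IN {
    match-clients { any; };                        // assumed

    zone "dyn.example.com." {
        type master;
        file "master/dyn.example.com.zone";        // assumed path
        // Forwarded updates arrive from the internal view over loopback,
        // so the master sees ::1 and not the original client address.
        allow-update { ::1; };
    };

    // external copy of example.com omitted; unchanged by the reply
};
```

Because the master only ever sees ::1 as the source of a forwarded update, the allow-update-forwarding ACL in the internal view is the effective control on who may change the zone. Running named-checkconf on the edited file catches syntax errors before a reload.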
