In message <4c891404.3000...@imperial.ac.uk>, Phil Mayers writes:
> On 09/09/2010 03:45 PM, Timothe Litt wrote:
>
> >
> > There is other advice in the ARM that says to put 'your organization's
> > public keys in the trusted-keys list'. That doesn't help - and in fact,
> > confuses me even more since example.net has TWO different public keys - one
> > for each view. And trusted-keys is a global server option...
> >
> > I must be missing something.
>
> I don't think so. Currently AFAICT bind will not set AD on authoritative
> zones, with any combination of options.
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
Add a match-recursion-only view;
view secure {
match-clients { internal; };
match-recursion-only yes;
recursion yes;
};
view internal {
match-clients { internal; };
recursion no;
};
view external {
match-clients { !internal; any };
recursion no;
};
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
