What I have done is add another IP to boxes with views, one per view (ie: 127.0.1.1/2/3/4). Then put one of those ips in each view match statement. When you do your dig, you tell it to source from a specific interface (dig -b 127.0.1.1 @localhost record.ext). That will ensure that you can hit the view you want to hit, without any guess work.
YMMV. Cheers, Todd. -----Original Message----- From: bind-users-bounces+tsnyder=rim....@lists.isc.org [mailto:bind-users-bounces+tsnyder=rim....@lists.isc.org] On Behalf Of Stewart Dean Sent: Monday, October 25, 2010 2:54 PM To: bind-users@lists.isc.org Subject: Q: One host serving both internal and external nameservice, which view should match-clients for the local host? I have set up a nameserver as per pg 249 of DNS & Bind, 5th Ed. The host is on two networks, serving the internal 10 based network as nsi at 10.5.0.5 with an internal view and the external network as nsx at 192.246.229.x with an external view. Everything makes sense until I get to the match-clients definition. Using the example on 249, named will serve the internal addresses, and the external view match-clients { any; } will take everything else....including the local host 127.0.0.1. That would seem to me to make it so the local host would be unable to resolve (for itself) internal addresses, forcing it to only be able to resolve external addresses for itself. Is this as it should be? Am I missing something? -- "One must think like a hero to behave like a merely decent human being." - May Sarton Stewart Dean, Unix System Admin, Bard College, New York 12504 sd...@bard.edu voice: 845-758-7475, fax: 845-758-7035 _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users --------------------------------------------------------------------- This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
