I did exactly that, but that wasn't what I was asking (I don't think).
What I want to know is about how the nameserver host itself handles any calls
it itself makes to localhost. If I have one view handling 10. addresses and
the other handling ALL others (match-clients { any; }, then it would seem to me
that the nameserver itself, in its OWN need for name resolutions, could ONLY
resolve external addresses (because localhost/127.0.0.1 would fall into the
external view match-client { any;}), it couldn't resolve any 10. internal
addresses for itself in local host calls.
Is what I'm getting at understandable? Correct? Is there something to do with
router tables that could allow the nameserver to resolve its OWN 10. name
resolutions that are needed on the box itself. Again, I am NOT asking about
resolution request calls either from 10. internal hosts NOR from the outside
world, RATHER I am asking about resolution calls the machine has to do FOR
ITSELF through localhost/127.0.0.1. I could add local host to the internal
view's match-cllient statement, yes, but then the box wouldn't be able to
resolve external addresses made through local host.........
----- Original Message -----
From: "Todd Snyder" <tsny...@rim.com>
To: "Stewart Dean" <sd...@bard.edu>, bind-users@lists.isc.org
Sent: Monday, October 25, 2010 3:00:54 PM
Subject: RE: One host serving both internal and external nameservice, which
view should match-clients for the local host?
What I have done is add another IP to boxes with views, one per view (ie:
127.0.1.1/2/3/4). Then put one of those ips in each view match statement.
When you do your dig, you tell it to source from a specific interface (dig -b
127.0.1.1 @localhost record.ext). That will ensure that you can hit the view
you want to hit, without any guess work.
YMMV.
Cheers,
Todd.
-----Original Message-----
From: bind-users-bounces+tsnyder=rim....@lists.isc.org
[mailto:bind-users-bounces+tsnyder=rim....@lists.isc.org] On Behalf Of Stewart
Dean
Sent: Monday, October 25, 2010 2:54 PM
To: bind-users@lists.isc.org
Subject: Q: One host serving both internal and external nameservice, which view
should match-clients for the local host?
I have set up a nameserver as per pg 249 of DNS & Bind, 5th Ed. The host is on
two networks, serving the internal 10 based network as nsi at 10.5.0.5 with an
internal view and the external network as nsx at 192.246.229.x with an external
view. Everything makes sense until I get to the match-clients definition. Using
the example on 249, named will serve the internal addresses, and the external
view match-clients { any; } will take everything else....including the local
host 127.0.0.1.
That would seem to me to make it so the local host would be unable to resolve
(for itself) internal addresses, forcing it to only be able to resolve external
addresses for itself.
Is this as it should be? Am I missing something?
--
"One must think like a hero to behave like a merely decent human being." - May
Sarton Stewart Dean, Unix System Admin, Bard College, New York 12504
sd...@bard.edu voice: 845-758-7475, fax: 845-758-7035
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential
information, privileged material (including material protected by the
solicitor-client or other applicable privileges), or constitute non-public
information. Any use of this information by anyone other than the intended
recipient is prohibited. If you have received this transmission in error,
please immediately reply to the sender and delete this information from your
system. Use, dissemination, distribution, or reproduction of this transmission
by unintended recipients is not authorized and may be unlawful.
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
