Oto BREZINA <o...@e-posta.sk> wrote: > > I need to create one subzone of public zone which is served by another server. > This can not be transfered. Server is located on LAN.
Tricky. I don't think it is possible to do what you want with BIND. You probably can do it with dnsdist - see http://dnsdist.org/ (I have not tried to use dnsdist myself.) Explanation of why it doesn't work below... > my setting right now is like: > > view "local" { > allow-query { internals; }; > match-clients { internals; }; > recursion yes; > > include "local zones"; > include "public zones"; > include "slave zones"; > }; > > view "public" { > allow-query { any; }; > match-clients { any; }; > recursion no; > > include "public zones"; // contains example.com with clue to same > server > include "slave zones"; > }; > > I need to add > > zone "calc.example.com" { > type forward; > forward only; > forwarders { local_machine; }; > }; > > adding it to local wont let external client to get access, but works from > internals > adding it to public, does not help, it returns only clues; forward only wont > word as recursion is no, adding another view public2 seems have no affect. The reason this doesn't work is that forwarding in BIND is only for recursive queries. So when you add this "type forward" zone to your public view, it doesn't work for two reasons: firstly, you have disabled recursion on the view, which is normally exactly the right thing, but it also disables forwarding; and secondly, most queries that your server will receive on its public view will be from resolvers with the "recursion desired" bit off, RD=0, which also disables forwarding. And because recursion is disabled, clients that query for calc.example.com will get a referral rather than the answer you expected. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Lundy, Fastnet, Irish Sea: Northerly or northwesterly, backing southwesterly for a time, 4 or 5, increasing 6 at times. Slight or moderate, occasionally rough in Fastnet. Rain or showers. Moderate or good, occasionally poor. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
