Hello. What exact version of BIND are you running? "named -V" From dig it *looks* like you are running 9.18.9. ECS support only exists in the subscription editions of BIND (-S suffix) and to get that you need to be an eligible ISC support customer.
Thanks, Greg On Tue, 13 Dec 2022 at 10:48, 徐娅 <xuya2...@gmail.com> wrote: > 25-Nov-2022 23:30:32.924 running on Linux x86_64 3.10.0-1127.el7.x86_64 #1 > SMP Tue Mar 31 23:36:51 UTC 202025-Nov-2022 23:30:32.924 built with > '--prefix=/usr/local/bind-9.18.9' '--enable-largefile' '--enable-epoll' > '--enable-full-report' '--disable-doh' '--enable-dnsrps-dl' > '--enable-dnsrps'25-Nov-2022 23:30:32.924 running as: named -c named.conf > -fg25-Nov-2022 23:30:32.924 compiled by GCC 4.8.5 20150623 (Red Hat > 4.8.5-39)25-Nov-2022 23:30:32.924 compiled with OpenSSL version: OpenSSL > 1.0.2k-fips 26 Jan 201725-Nov-2022 23:30:32.924 linked to OpenSSL version: > OpenSSL 1.0.2k-fips 26 Jan 201725-Nov-2022 23:30:32.924 compiled with zlib > version: 1.2.725-Nov-2022 23:30:32.924 linked to zlib version: > 1.2.725-Nov-2022 23:30:32.924 > ----------------------------------------------------25-Nov-2022 23:30:32.924 > BIND 9 is maintained by Internet Systems Consortium,25-Nov-2022 23:30:32.924 > Inc. (ISC), a non-profit 501(c)(3) public-benefit25-Nov-2022 23:30:32.924 > corporation. Support and training for BIND 9 are25-Nov-2022 23:30:32.924 > available at https://www.isc.org/support > > > > # cat named.conf... ...... ...options { listen-on port 353 { any; }; > listen-on-v6 port 353 { any; }; directory "/root/edns/named"; > allow-query { any; }; allow-recursion { any; }; > empty-zones-enable no; pid-file "/root/edns/named/run/named.pid";};view > "aaa" { match-clients { 10.105.0.0/16; }; zone "abc.com" { > type master; file "aaa/abc.com"; };};view "bbb" { match-clients > { 10.106.0.0/26; }; zone "abc.com" { type master; file > "bbb/abc.com"; };};view "idc-default" { match-clients { any; }; > zone "abc.com" { type master; file "any/abc.com"; };};# cat > named/aaa/abc.com... ...www 600 IN TXT aaa# cat named/bbb/abc.comwww 600 IN > TXT bbb# cat named/ccc/abc.comwww 600 IN TXT ccc > > > # dig @127.0.0.1 -p 353 txt.abc.com txt +subnet=10.105.2.2; <<>> DiG 9.18.9 > <<>> @127.0.0.1 -p 353 txt.abc.com txt +subnet=10.105.2.2; (1 server found);; > global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: > NOERROR, id: 7948;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, > ADDITIONAL: 1;; OPT PSEUDOSECTION:; EDNS: version: 0, flags:; udp: 1232; > COOKIE: 075abe1b7a9c177a010000006380ded9dc3ca0fc1bae43d4 (good); > CLIENT-SUBNET: 10.105.2.2/32/0;; QUESTION SECTION:;txt.abc.com. > IN TXT;; ANSWER SECTION:txt.abc.com. 600 IN > TXT "any";; Query time: 1 msec;; SERVER: 127.0.0.1#353(127.0.0.1) > (UDP);; WHEN: Fri Nov 25 23:27:21 CST 2022;; MSG SIZE rcvd: 99 > > I expect +subnet=10.105.2.2, return *aaa*, but returned any > > # dig @127.0.0.1 -p 353 txt.abc.com txt +subnet=10.105.2.2any > > I expect +subnet=10.106.3.3, return *bbb*, but returned any > > # dig @127.0.0.1 -p 353 txt.abc.com txt +subnet=10.106.3.3any > > > How do I change named.conf? > > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users