On 2015-05-26, Felipe Scarel <fbsca...@gmail.com> wrote: > after reading some documentation on the NSD manpage and online, it > seems there's no support for views as offered with BIND. I've gathered > that the general suggestion is to run two separate instances (running > on 127.0.0.1, for example), and divert traffic from pf depending on > the connecting source-address.
What are you using views *for*? If it's to present some internal-only hosts to a trusted network that is also using you as a resolver, just use local-data entries in unbound for internal use, and run NSD facing external hosts. Simple setup and fairly easy to use. If it's something more complex (i.e. where you have other resolvers querying you and need to present different views to these based on IP address etc) then yes you will need two separate authoritative servers (or you could keep using BIND for this job of course).
