Hello, all. I'm trying to implement a split DNS setup with views in
bind9, as laid out in the ARM. It works great for the LAN, but some
hosts coming in over the VPN don't work; they get the external view.
Here's my setup:

view "internal" {
    //match-clients { 10.0.0.0/8; 172.16.0.0/12; };
    match-destinations { 172.16.59.3; };
    include "/etc/bind/named.conf-internal";
    include "/etc/bind/named.conf-common";
};
view "external" {
    match-clients { any; };
    include "/etc/bind/named.conf-external";
    include "/etc/bind/named.conf-common";
};

I get the same results whether I use the match-clients line or the
match-destinations line. I've run tcpdump and it sure looks like the
requests come from 10.101.1.5 to 172.16.59.3, but apparently bind thinks
not. I've also tested from 172.17.0.3 which is over the VPN. 172.16.59.x
works great, but that's not over the VPN.
Thanks,
Hans
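
An added example, not part of the original post: a small Python model of how BIND picks a view (the first view, in configuration order, whose match-clients and match-destinations both match, with an omitted clause treated as "any"), run against the addresses mentioned above. The function names, the 172.16.59.10 and 203.0.113.7 sample addresses, and the restriction to plain address prefixes (no keys, negation or named ACLs) are assumptions of this sketch.

```python
from ipaddress import ip_address, ip_network

# "any" covers both address families.
ANY = [ip_network("0.0.0.0/0"), ip_network("::/0")]


def nets(*cidrs):
    """Turn CIDR strings (or single addresses) into network objects."""
    return [ip_network(c) for c in cidrs]


def in_acl(addr, acl):
    """True if addr falls inside any prefix of the ACL."""
    a = ip_address(addr)
    return any(a.version == n.version and a in n for n in acl)


def select_view(views, src, dst):
    """Return the name of the first view matching both source and destination."""
    for view in views:
        clients = view.get("match-clients", ANY)
        dests = view.get("match-destinations", ANY)
        if in_acl(src, clients) and in_acl(dst, dests):
            return view["name"]
    return None  # no view matched; named would refuse the query


# Variant 1 from the post: internal view selected by client address.
BY_CLIENT = [
    {"name": "internal", "match-clients": nets("10.0.0.0/8", "172.16.0.0/12")},
    {"name": "external", "match-clients": ANY},
]

# Variant 2 from the post: internal view selected by destination address.
BY_DEST = [
    {"name": "internal", "match-destinations": nets("172.16.59.3")},
    {"name": "external", "match-clients": ANY},
]

if __name__ == "__main__":
    server = "172.16.59.3"
    # 172.16.59.10 and 203.0.113.7 are constructed sample clients.
    for src in ("10.101.1.5", "172.17.0.3", "172.16.59.10", "203.0.113.7"):
        print(src, "by-client:", select_view(BY_CLIENT, src, server),
              "by-dest:", select_view(BY_DEST, src, server))
```

The addresses that matter to the model are the source and destination named itself sees on the query, which can be compared against the tcpdump capture by enabling query logging.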