Hi List,
I have two BIND 9.x servers here, both running the latest version.
One is master and the other Slave.
There are two views, internal and external.
If I run the following on the slave:
rndc reload XXXXX.com IN external
it receives only the "internal" version of the zone from the master,
not the external one.
Why ?
In the log file of the master one sees the following:
Mar 10 09:41:15 linuxsrv3 named[7616]: queries: info: client
192.168.100.18#33131: query: XXXXX.de IN SOA
No reference to internal or external.
Is there a parameter with which one can select
the internal or the external view explicitly?
thx
Stefan
named.conf from slave:
// internal hosts
// Address-match list referenced below by allow-query and allow-recursion in
// options, by match-clients of view "internal", and by the per-zone
// allow-query / allow-transfer statements of that view.
acl internals {
    192.168.1.0/24;
    192.168.0.0/24;
    192.168.100.0/24;
    192.168.5.0/24;
    192.168.6.0/24;
    // NOTE(review): this covers 127.0.0.0-255 only, not the whole 127.0.0.0/8
    // loopback block; BIND also ships a built-in "localhost" ACL. Confirm
    // which one is intended.
    127.0.0.0/24;
};
// external hosts
// Referenced only by allow-query in the options block of this file.
// NOTE(review): the list holds a single negated element. A negated element
// can reject an address, but it does not by itself produce a positive match,
// so "externals" presumably matches no client at all. The usual way to say
// "everyone who is not internal" is { !internals; any; } -- confirm intent.
acl externals {
    !internals;
};
// Addresses of the upstream forwarders.
// NOTE(review): this ACL is not referenced anywhere in the configuration
// shown; the forwarders statement in options lists the same three addresses
// literally.
acl forwarder {
    194.25.0.68;
    194.25.0.52;
    194.25.0.60;
};
// Hosts outside the internal ranges that are named in allow-query (options)
// and in the allow-transfer statements of view "external".
// Presumably the provider's name servers -- confirm.
// NOTE(review): membership is decided by source address only. Where these
// hosts are allowed to pull zone transfers, a TSIG key is a stronger control
// than an address list.
acl telekom {
    194.25.0.125;
    194.25.0.121;
    194.25.1.113;
    194.25.15.217;
    // prefix written with the trailing zero octet omitted
    194.246.96/24;
    129.70.132.100;
    195.244.245.27;
    194.25.0.122;
    195.244.245.25;
    195.244.245.24;
    194.25.0.44;
    194.25.0.45;
    194.25.0.46;
    62.156.152.59;
    62.156.153.47;
};
// Server-wide defaults. Statements of the same name inside a view or zone
// further down replace these values for that view or zone.
options {
    directory "/etc/namedb";
    pid-file "/var/run/named/named.pid";
    // Deny zone transfers by default; every slave zone below sets its own
    // allow-transfer list.
    allow-transfer { none; }; // sample allow-transfer
    // NOTE(review): "externals" contains only a negated element (see its
    // definition), so in effect this list admits internals and telekom.
    // The zones in view "external" set allow-query { any; } themselves.
    allow-query { internals; externals; telekom; }; // restrict query access
    allow-recursion { internals; }; // restrict recursion
    // No NOTIFY messages by default; the zones in view "external" turn
    // notify back on individually.
    notify no;
    // Send recursive lookups to the forwarders only, with no fallback to
    // iterative resolution when they do not answer.
    forward only;
    forwarders {
        194.25.0.52;
        194.25.0.60;
        194.25.0.68;
    };
};
// Logging: one channel (named_info) that writes to syslog, and every listed
// category routed to it. The security, xfer-in and xfer-out categories are
// the ones to read when a zone transfer is refused or comes from the wrong
// view.
logging {
    channel named_info {
        // log to syslog instead of a file
        syslog daemon;
        severity info;
        // include the category of the event in the log
        print-category yes;
        // include the severity of the event in the log
        print-severity yes;
        // include the time of the event in the log
        // (left disabled here; the channel writes to syslog)
        // print-time yes;
    };
    // Processing of client requests
    category client { named_info; };
    // named.conf parsing and processing
    category config { named_info; };
    // Messages relating to internal memory structures
    category database { named_info; };
    // This is the default for any category not specifically defined
    category default { named_info; };
    // The catch-all. Anything without a category of its own
    category general { named_info; };
    // Uncomment if you don't want to know about lame servers.
    // Leave commented and it defaults to the
    // value of default above
    // category lame-servers { null; };
    // The NOTIFY protocol
    category notify { named_info; };
    // Network operations
    category network { named_info; };
    // DNS resolution like recursive lookups, etc..
    category resolver { named_info; };
    // Approval and denial of requests
    category security { named_info; };
    // Dynamic updates
    category update { named_info; };
    // Queries. Duh.
    category queries { named_info; };
    // Zone transfers received
    category xfer-in { named_info; };
    // Zone transfers sent
    category xfer-out { named_info; };
};
// View for internal clients. It is defined before view "external"; named
// answers a client from the first view whose match-clients list accepts it.
view "internal" {
    // Internal network
    // 127.0.0.0/24 is already an element of the internals ACL, so the second
    // entry is redundant.
    match-clients {
        internals;
        127.0.0.0/24;
    };
    recursion yes;
    // Provide a reverse mapping for the loopback address 127.0.0.1
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "db.127.0.0";
        notify no;
    };
    // Root server hints
    zone "." IN {
        type hint;
        file "db.cache";
    };
    // We are the slave server for XXXXX.de
    // NOTE(review): applies to every slave zone in this view -- the master is
    // listed by address only, with no TSIG key, so the transfer is accepted
    // on source address alone. A keyed entry has the form
    // masters { 192.168.100.20 key "<key-name>"; };  (placeholder name).
    zone "XXXXX.de" IN {
        type slave;
        masters {192.168.100.20; };
        file "db.XXXXX-de.internal";
        allow-query { internals; };
        // Replaces the global allow-transfer { none; }: any host in the
        // internal ranges may pull the full zone from this slave.
        allow-transfer { internals; };
    };
    // We are the slave server for XXXXX.com
    zone "XXXXX.com" IN {
        type slave;
        masters {192.168.100.20; };
        file "db.XXXXX-com.internal";
        allow-query { internals; };
        allow-transfer { internals; };
    };
    // Provide a reverse mapping for 192.168.0.0-255
    zone "0.168.192.in-addr.arpa" IN {
        type slave;
        masters {192.168.100.20; };
        file "db.192.168.0.rev";
        allow-query { internals; };
        allow-transfer { internals; };
    };
    // Provide a reverse mapping for 192.168.1.0-255
    zone "1.168.192.in-addr.arpa" IN {
        type slave;
        masters {192.168.100.20; };
        file "db.192.168.1.rev";
        allow-query { internals; };
        allow-transfer { internals; };
    };
    // Provide a reverse mapping for 192.168.100.0-255
    zone "100.168.192.in-addr.arpa" IN {
        type slave;
        masters {192.168.100.20; };
        file "db.192.168.100.rev";
        allow-query { internals; };
        allow-transfer { internals; };
    };
};
// View for everyone the "internal" view did not accept.
//
// NOTE(review), on the transfer problem described in the mail: the slave
// zones here use the same masters address as those in view "internal", and
// neither view sets a key or a transfer-source. Both transfer requests
// therefore reach the master from the same source address; the master's log
// line shows 192.168.100.18, which falls inside the 192.168.100.0/24 range of
// the internals ACL in this file. If the master selects its view with a
// similar match-clients list (its configuration is not shown), it will serve
// its internal view to both requests. The usual remedies are a separate TSIG
// key per view (matched with "key" elements in match-clients on the master,
// and attached per view on the slave through a server statement with keys),
// or a distinct transfer-source address per view. The key-based variant also
// authenticates the transfer.
view "external" {
    // External network
    match-clients { any; };
    recursion no; // refuse recursive service to external clients
    // Provide a reverse mapping for the loopback address 127.0.0.1
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "db.127.0.0";
        notify no;
    };
    // Root server hints
    zone "." IN {
        type hint;
        file "db.cache";
    };
    // We are the slave server for XXXXX.de
    zone "XXXXX.de" IN {
        type slave;
        masters {192.168.100.20; };
        file "db.XXXXX-de.external";
        // Overrides the global "notify no" for this zone.
        notify yes;
        allow-query {
            any;
        };
        // NOTE(review): the ACL defined in this file is "internals"; no ACL
        // named "internal" appears in the configuration shown (it is only a
        // view name). Run named-checkconf and confirm which name is meant.
        // The same applies to the other two slave zones in this view.
        allow-transfer {
            internal; telekom;
        };
    };
    // We are the slave server for XXXXX.com
    zone "XXXXX.com" IN {
        type slave;
        masters {192.168.100.20; };
        file "db.XXXXX-com.external";
        notify yes;
        allow-query {
            any;
        };
        // "internal" is not a defined ACL in the configuration shown.
        allow-transfer {
            internal; telekom;
        };
    };
    // Provide a reverse mapping for 217.6.XX.0/25
    zone "0.XX.6.217.in-addr.arpa" IN {
        type slave;
        masters {192.168.100.20; };
        file "db.217.6.XX.rev";
        allow-query {
            any;
        };
        // "internal" is not a defined ACL in the configuration shown.
        allow-transfer {
            internal; telekom;
        };
        notify yes;
    };
};